VIRY.CZ

Dobrý den,
prosím o pomoc, nemůžu se přihlásit na Email od seznamu vždy se ukáže tabulka pro registraci tel. čísla viz příloha
na druhém PC v síti to nedělá, antivir nic nenašel, předem děkuji za radu.

Zde je log:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17183
Run by 1234 at 17:07:05 on 2014-12-14
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.1616 [GMT 1:00]
.
AV: AVG Internet Security 2015 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: ESET Smart Security 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET Smart Security 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2015 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: ESET Personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
FW: AVG Internet Security 2015 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\lxdncoms.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\MainConsole.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe
C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\RmtDskServer.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\OnGuard.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.seznam.cz/
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Pomocná služba pro přihlášení k účtu Microsoft: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
uRun: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
uRun: [VenwUtesi] regsvr32.exe "C:\ProgramData\VenwUtesi\EateTyux.hel"
mRun: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: ["C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\MainConsole.EXE"] "C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\MainConsole.exe" RunWithWindows
mRun: [FileZilla Server Interface] "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
mRun: [NUUO Remote Desktop Server] "C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\RmtDskServer.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {1DC4A509-9C17-4538-B5AA-DB0BA27ED400} - hxxp://192.168.1.2:83/liveview-htmlskin/WebViewS.cab
DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} - hxxp://192.168.1.92:92/JpegInst.cab
DPF: {3476761B-69AC-4ADA-8B82-748FC4721FAF} - hxxp://192.168.1.4:85/UDROCX_H264.cab
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://192.168.1.5/RtspVaPgDec.cab
DPF: {530F7E80-690F-438E-8A4F-E6CAECB4B6F3} - hxxp://192.168.1.6/CMSPlugin.cab
DPF: {59BA4B4E-F390-4AF0-8A7B-37503D7FC00F} - hxxp://192.168.1.9:88/SnPlayer.cab
DPF: {63555E1F-CBA6-4A3D-AFA7-37432697C807} - hxxp://192.168.1.21:91/PCViewX.cab
DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} - hxxp://192.168.1.6/EDVR.CAB
DPF: {6F80BF27-CB16-4589-8C6A-DB422AAB2ED9} - hxxp://192.168.1.6/vcredist_x86.exe
DPF: {73FDD716-9BCE-42F7-8B13-DB4F7587B8D1} - hxxp://anytimeview.com/webview.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {8D17F3CC-3AA9-4024-A684-EE7BCE616620} - hxxp://192.168.1.5:84/FWUActiveX.cab
DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} - hxxp://192.168.1.22:89/AVC_AX_742.cab
DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_51-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D6FE1B99-F0CB-4542-A5B0-84E86C7B8EF7} - hxxp://192.168.1.205:5550/WebCamX.cab
DPF: {EAEFAD15-8753-45EF-94B0-1BAA7970CC21} - hxxp://192.168.1.92:92/MpegInst.cab
DPF: {EF34051A-402A-4ABE-AA20-04E1B4422BD9} - hxxp://192.168.1.5/DxClient_NetViewer.cab
TCP: Interfaces\{23499178-4F3B-4E93-97B0-65CC1903E160} : NameServer = 77.236.192.130,77.236.192.150
TCP: Interfaces\{6CA769D3-8A0E-4B4F-A595-8DD2B0E2995A} : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{AC7DC119-A97E-4A8E-A04D-8FEE8C8C015D} : DHCPNameServer = 10.0.0.138
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-6-18 190744]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-7-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-10-5 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-6-18 31512]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-6-18 153368]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2013-9-26 57144]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-10-29 263960]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-8-28 243480]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-10-10 274200]
R1 GUBootStartup;GUBootStartup;C:\Windows\System32\drivers\GUBootStartup.sys [2014-12-12 20160]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-11-9 1486664]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-11-9 3488784]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-11-9 298080]
R2 BT878_01;BT878.G3 Video Capture;C:\Windows\System32\drivers\cxvcap.sys [2011-5-4 92736]
R2 BTAUD01;BT878.G3 Audio Capture;C:\Windows\System32\drivers\cxtscap.sys [2011-5-4 24896]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-5-14 731840]
R2 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2009-5-14 44944]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-4 1149760]
R2 lxdn_device;lxdn_device;C:\Windows\System32\lxdncoms.exe -service --> C:\Windows\System32\lxdncoms.exe -service [?]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-4 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-26 19440960]
R2 StarWindServiceAE;StarWind AE Service;C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-5-28 275968]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-10-4 411968]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-10-4 4799760]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-4 20288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-10-4 38048]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2013-1-8 398816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 athur;Wireless Network Adapter Service;C:\Windows\System32\drivers\athurx.sys [2014-12-11 1930240]
S3 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe --> C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [?]
S3 ptun0901;TAP Adapter V9 for Private Tunnel;C:\Windows\System32\drivers\ptun0901.sys [2014-8-8 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-21 20992]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-1-20 59392]
S3 vNICdrv;Iomega Virtual Miniport;C:\Windows\System32\drivers\vNICdrv.sys [2013-5-20 20048]
S3 vtcdrv;VTC Driver v5.0.0.1;C:\Windows\System32\drivers\vtcdrv.sys [2010-5-7 25088]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-25 1255736]
S3 wxpSvc;webcamXP Service;C:\Program Files (x86)\wLite\wService.exe [2010-4-28 5023232]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-12-14 15:58:23 -------- d-sh--w- C:\$RECYCLE.BIN
2014-12-14 15:55:37 24064 ----a-w- C:\Windows\zoek-delete.exe
2014-12-14 15:55:36 -------- d-----w- C:\Users\1234\AppData\Local\Temp
2014-12-14 14:47:28 -------- d-----w- C:\Program Files\trend micro
2014-12-14 11:35:40 -------- d-----w- C:\zoek_backup
2014-12-14 09:37:45 55808 ----a-w- C:\Windows\System32\rrinstaller.exe
2014-12-14 09:37:45 24576 ----a-w- C:\Windows\System32\mfpmp.exe
2014-12-14 09:37:45 23040 ----a-w- C:\Windows\SysWow64\mfpmp.exe
2014-12-14 09:37:45 2048 ----a-w- C:\Windows\SysWow64\mferror.dll
2014-12-14 09:37:45 2048 ----a-w- C:\Windows\System32\mferror.dll
2014-12-14 09:37:44 50176 ----a-w- C:\Windows\SysWow64\rrinstaller.exe
2014-12-14 09:37:44 3209728 ----a-w- C:\Windows\SysWow64\mf.dll
2014-12-14 09:37:44 206848 ----a-w- C:\Windows\System32\mfps.dll
2014-12-14 09:37:44 103424 ----a-w- C:\Windows\SysWow64\mfps.dll
2014-12-14 09:37:43 4121600 ----a-w- C:\Windows\System32\mf.dll
2014-12-14 09:33:52 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2014-12-14 09:31:33 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2014-12-14 09:30:53 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-12-14 09:29:57 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-12-14 09:28:29 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-12-14 09:28:29 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-12-12 22:05:42 -------- d-----w- C:\ProgramData\VenwUtesi
2014-12-12 21:19:26 20160 ----a-w- C:\Windows\System32\drivers\GUBootStartup.sys
2014-12-12 21:19:15 -------- d-----w- C:\Program Files (x86)\Glary Utilities 5
2014-12-12 21:04:34 -------- d-----w- C:\_OTM
2014-12-12 20:09:25 -------- d-----w- C:\AdwCleaner
2014-12-12 20:00:46 -------- d-----w- C:\Users\1234\AppData\Roaming\ESET
2014-12-12 19:59:16 -------- d-----w- C:\Program Files\ESET
2014-12-12 17:25:25 -------- d-----w- C:\Program Files (x86)\AVG
2014-12-11 21:10:31 1930240 ----a-w- C:\Windows\System32\drivers\athurx.sys
2014-12-11 21:10:31 1930240 ----a-w- C:\Windows\System32\athurx.sys
2014-12-09 05:45:35 -------- d-----w- C:\Games
2014-12-06 20:56:28 -------- d-----w- C:\Program Files (x86)\Glary Utilities 4
2014-11-30 13:24:53 -------- d-----w- C:\Users\1234\AppData\Local\Yandex
2014-11-30 13:15:15 -------- d-----w- C:\Users\1234\AppData\Roaming\ProductData
2014-11-30 13:14:02 -------- d-----w- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-11-30 13:13:51 -------- d-----w- C:\Users\1234\AppData\Roaming\IObit
2014-11-30 13:13:30 -------- d-----w- C:\Users\1234\AppData\Roaming\Yandex
2014-11-30 13:13:30 -------- d-----w- C:\Users\1234\AppData\Local\Chromium
2014-11-30 13:13:18 -------- d-----w- C:\Users\1234\AppData\Roaming\HamsterSoft
2014-11-30 13:12:17 -------- d-----w- C:\Users\1234\AppData\Roaming\Obnovi Soft
2014-11-18 13:56:48 1202848 ----a-w- C:\Windows\SysWow64\FM20.DLL
.
==================== Find3M ====================
.
2014-11-21 08:38:00 2237952 ----a-w- C:\Windows\System32\wininet.dll
2014-11-21 08:37:51 600576 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-21 08:36:24 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-21 08:36:17 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-21 08:36:17 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-11-21 08:35:42 1509376 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-21 07:17:51 1762816 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-21 07:17:44 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-21 07:16:46 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-21 07:16:42 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-21 07:16:42 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-11-21 07:16:16 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-21 07:00:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-21 06:54:49 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-21 06:31:56 441856 ----a-w- C:\Windows\System32\html.iec
2014-11-21 06:24:52 361984 ----a-w- C:\Windows\SysWow64\html.iec
2014-11-21 06:05:06 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-11-21 05:59:00 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-11-13 16:17:19 1208831 ----a-w- C:\Windows\unins000.exe
2014-11-11 03:08:52 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-11 03:08:48 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-11 02:44:45 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
2014-11-11 02:44:32 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-11 02:44:25 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-11 01:46:26 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2014-11-08 03:16:08 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-11-08 02:45:09 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-10-30 02:03:43 165888 ----a-w- C:\Windows\System32\charmap.exe
2014-10-30 01:45:43 155136 ----a-w- C:\Windows\SysWow64\charmap.exe
2014-10-29 20:35:16 263960 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-19 17:12:04 4 ----a-w- C:\Users\1234\advanced_ip_scanner_MAC.bin
2014-10-19 17:12:04 204 ----a-w- C:\Users\1234\advanced_ip_scanner_Favorites.bin
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 13:14:32 274200 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-05 19:41:40 124184 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
2014-10-03 02:12:23 310272 ----a-w- C:\Windows\System32\WsmWmiPl.dll
2014-10-03 02:12:23 2020352 ----a-w- C:\Windows\System32\WsmSvc.dll
2014-10-03 02:12:22 346624 ----a-w- C:\Windows\System32\WSManMigrationPlugin.dll
2014-10-03 02:12:22 181248 ----a-w- C:\Windows\System32\WsmAuto.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 02:11:49 266240 ----a-w- C:\Windows\System32\WSManHTTPConfig.exe
2014-10-03 01:45:03 248832 ----a-w- C:\Windows\SysWow64\WSManMigrationPlugin.dll
2014-10-03 01:45:03 214016 ----a-w- C:\Windows\SysWow64\WsmWmiPl.dll
2014-10-03 01:45:03 145920 ----a-w- C:\Windows\SysWow64\WsmAuto.dll
2014-10-03 01:45:03 1177088 ----a-w- C:\Windows\SysWow64\WsmSvc.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-03 01:44:25 198656 ----a-w- C:\Windows\SysWow64\WSManHTTPConfig.exe
2014-09-26 19:40:57 17408 ----a-w- C:\psapi.dll
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-17 04:51:20 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-09-17 04:51:20 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-09-17 04:51:20 1538880 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-09-17 02:10:22 2193560 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-09-17 02:10:22 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-09-17 02:10:10 2799784 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-09-17 02:10:10 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
.
============= FINISH: 17:08:33,66 ===============

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

skenování dokončeno tady je výsledek OTL.Txt 1 část

OTL logfile created on: 14.12.2014 18:51:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\1234\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17183)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 53,27% Memory free
8,00 Gb Paging File | 5,97 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,48 Gb Total Space | 27,37 Gb Free Space | 27,80% Space Free | Partition Type: NTFS
Drive D: | 367,19 Gb Total Space | 140,78 Gb Free Space | 38,34% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 216,19 Gb Free Space | 92,83% Space Free | Partition Type: NTFS

Computer Name: 1234-PC | User Name: 1234 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2014.12.14 18:00:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\1234\Desktop\OTL.exe
PRC - [2014.11.09 21:57:40 | 003,488,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
PRC - [2014.11.09 21:56:56 | 001,486,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
PRC - [2014.11.09 21:49:56 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
PRC - [2014.09.17 03:11:37 | 002,461,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.09.17 03:11:26 | 001,796,928 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.09.13 21:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.09.12 19:14:55 | 013,559,056 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
PRC - [2014.09.12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014.09.12 19:00:53 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
PRC - [2013.06.27 14:07:48 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\RmtDskServer.exe
PRC - [2011.06.07 20:29:24 | 002,573,312 | ---- | M] (FileZilla Project) -- C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe
PRC - [2011.06.07 20:29:16 | 000,630,272 | ---- | M] (FileZilla Project) -- C:\Program Files (x86)\FileZilla Server\FileZilla server.exe
PRC - [2010.11.20 13:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

========== Modules (No Company Name) ==========

MOD - [2013.06.27 14:07:48 | 000,356,352 | ---- | M] () -- C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\RmtDskServer.exe
MOD - [2013.06.27 14:07:22 | 000,016,384 | ---- | M] () -- C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\omni.dll
MOD - [2013.06.27 14:07:22 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\hooks.dll
MOD - [2013.06.27 14:07:16 | 000,060,416 | ---- | M] () -- C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\zlib123.dll
MOD - [2013.06.25 11:51:34 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\libexpat.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014.09.17 03:11:26 | 001,149,760 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014.09.17 03:11:22 | 019,440,960 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.06.05 17:42:04 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV:64bit: - [2009.05.14 15:54:26 | 000,023,296 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2009.05.14 15:47:54 | 000,731,840 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2007.11.28 15:51:42 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdncoms.exe -- (lxdn_device)
SRV - [2014.11.09 21:57:40 | 003,488,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.11.09 21:56:56 | 001,486,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgfws.exe -- (avgfws)
SRV - [2014.11.09 21:49:56 | 000,298,080 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe -- (avgwd)
SRV - [2014.09.17 03:11:26 | 001,796,928 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.09.13 21:12:58 | 000,411,968 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.09.12 19:14:55 | 004,799,760 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.12.30 00:55:30 | 005,023,232 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files (x86)\wLite\wService.exe -- (wxpSvc)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2011.06.07 20:29:16 | 000,630,272 | ---- | M] (FileZilla Project) [Auto | Running] -- C:\Program Files (x86)\FileZilla Server\FileZilla server.exe -- (FileZilla Server)
SRV - [2007.11.06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2007.05.28 17:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.12.12 22:19:26 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
DRV:64bit: - [2014.10.29 21:35:16 | 000,263,960 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014.10.10 14:14:32 | 000,274,200 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014.10.05 20:41:40 | 000,124,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014.09.17 05:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.09.17 03:11:21 | 000,020,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.09.04 20:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.08.28 20:47:24 | 000,243,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014.08.08 17:31:10 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ptun0901.sys -- (ptun0901)
DRV:64bit: - [2014.07.18 14:53:26 | 000,313,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014.06.18 20:03:34 | 000,190,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014.06.18 20:03:34 | 000,153,368 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014.06.18 20:03:20 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2014.02.24 13:52:02 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.09.26 09:44:54 | 000,057,144 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2013.07.25 13:32:08 | 000,086,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2013.07.25 13:32:08 | 000,079,592 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2013.06.28 14:49:20 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2013.05.20 01:04:36 | 000,020,048 | ---- | M] (Iomega Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vNICdrv.sys -- (vNICdrv)
DRV:64bit: - [2013.01.08 12:10:00 | 000,398,816 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.05.04 05:30:56 | 000,092,736 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cxvcap.sys -- (BT878_01)
DRV:64bit: - [2011.05.04 05:30:56 | 000,024,896 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cxtscap.sys -- (BTAUD01)
DRV:64bit: - [2011.03.30 12:16:32 | 002,491,392 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.20 11:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2010.05.07 18:02:14 | 000,025,088 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vtcdrv.sys -- (vtcdrv)
DRV:64bit: - [2009.07.16 11:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 17:42:04 | 000,475,136 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009.05.14 15:49:54 | 000,044,944 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2009.05.14 15:49:50 | 000,033,608 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\epfwndis.sys -- (Epfwndis)
DRV:64bit: - [2009.05.14 15:49:48 | 000,165,960 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2009.05.14 15:47:16 | 000,134,024 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2009.05.14 15:41:14 | 000,142,776 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamon.sys -- (eamon)
DRV:64bit: - [2007.11.06 21:23:14 | 000,040,464 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-523147670-492511794-919031708-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?btnG=Google+Search&q="
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..keyword.enabled: true
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnG=Google+Search&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Windows\system32\C2MP\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\jid1-n5ARdBzHkUEdAA@jetpack: C:\USERS\1234\APPDATA\ROAMING\MOZILLA\EXTENSIONS\JID1-N5ARDBZHKUEDAA@JETPACK [2014.11.30 14:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jid1-n5ARdBzHkUEdAA@jetpack: C:\Users\1234\AppData\Roaming\Mozilla\Extensions\jid1-n5ARdBzHkUEdAA@jetpack [2014.11.30 14:24:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014.12.12 21:31:57 | 000,000,000 | ---D | M]

[2014.11.30 14:13:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1234\AppData\Roaming\Mozilla\Extensions
[2014.11.30 14:24:03 | 000,000,000 | ---D | M] (SuperMegaBest.com) -- C:\Users\1234\AppData\Roaming\Mozilla\Extensions\jid1-n5ARdBzHkUEdAA@jetpack
[2014.12.14 16:47:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\1234\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions
[2014.11.30 14:24:46 | 000,007,476 | ---- | M] () -- C:\Users\1234\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\firmy.cz-142446.xml
[2014.11.30 14:24:46 | 000,007,539 | ---- | M] () -- C:\Users\1234\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\mapy.cz-142446.xml
[2014.11.30 14:24:46 | 000,007,609 | ---- | M] () -- C:\Users\1234\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\seznam.cz-142446.xml
[2014.11.30 14:24:46 | 000,007,480 | ---- | M] () -- C:\Users\1234\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\videa.seznam.cz-142446.xml
[2014.11.30 14:24:46 | 000,006,071 | ---- | M] () -- C:\Users\1234\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\zbozi.cz-142446.xml

O1 HOSTS File: ([2014.12.14 16:25:20 | 000,000,840 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Pomocná služba pro přihlášení k účtu Microsoft) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: ["C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\MainConsole.EXE"] C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\MainConsole.exe ()
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2015\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [FileZilla Server Interface] C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
O4 - HKLM..\Run: [NUUO Remote Desktop Server] C:\Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\RmtDskServer.exe ()
O4 - HKLM..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe (Analog Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-523147670-492511794-919031708-1000..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
O4 - HKU\S-1-5-21-523147670-492511794-919031708-1000..\Run: [VenwUtesi] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-523147670-492511794-919031708-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {1DC4A509-9C17-4538-B5AA-DB0BA27ED400} http://192.168.1.2:83/liveview-htmlskin/WebViewS.cab (Hybrid WebView)
O16 - DPF: {33704B0F-9EB7-434B-B752-EA6CFFB87423} http://192.168.1.92:92/JpegInst.cab (pmjpegaudio Class)
O16 - DPF: {3476761B-69AC-4ADA-8B82-748FC4721FAF} http://192.168.1.4:85/UDROCX_H264.cab (UDROCX_H264 Control)
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} http://192.168.1.5/RtspVaPgDec.cab (RtspVaPgCtrlNew Class)
O16 - DPF: {530F7E80-690F-438E-8A4F-E6CAECB4B6F3} http://192.168.1.6/CMSPlugin.cab (PLUGIN Control)
O16 - DPF: {59BA4B4E-F390-4AF0-8A7B-37503D7FC00F} http://192.168.1.9:88/SnPlayer.cab (Reg Error: Key error.)
O16 - DPF: {63555E1F-CBA6-4A3D-AFA7-37432697C807} http://192.168.1.21:91/PCViewX.cab (WebCamX Control)
O16 - DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://192.168.1.6/EDVR.CAB (DVR4204 Client Control)
O16 - DPF: {6F80BF27-CB16-4589-8C6A-DB422AAB2ED9} http://192.168.1.6/vcredist_x86.exe (Reg Error: Key error.)
O16 - DPF: {73FDD716-9BCE-42F7-8B13-DB4F7587B8D1} http://anytimeview.com/webview.cab (WViewCtl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8D17F3CC-3AA9-4024-A684-EE7BCE616620} http://192.168.1.5:84/FWUActiveX.cab (Reg Error: Key error.)
O16 - DPF: {971FC730-55F1-461F-83FD-B3BF5E1F039E} http://192.168.1.22:89/AVC_AX_742.cab (AMCCtrl Class)
O16 - DPF: {CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {D6FE1B99-F0CB-4542-A5B0-84E86C7B8EF7} http://192.168.1.205:5550/WebCamX.cab (Reg Error: Key error.)
O16 - DPF: {EAEFAD15-8753-45EF-94B0-1BAA7970CC21} http://192.168.1.92:92/MpegInst.cab (pmpeg4cam Class)
O16 - DPF: {EF34051A-402A-4ABE-AA20-04E1B4422BD9} http://192.168.1.5/DxClient_NetViewer.cab (DxClient_NetViewer Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23499178-4F3B-4E93-97B0-65CC1903E160}: NameServer = 77.236.192.130,77.236.192.150
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CA769D3-8A0E-4B4F-A595-8DD2B0E2995A}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AC7DC119-A97E-4A8E-A04D-8FEE8C8C015D}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2014.12.14 18:51:35 | 000,000,000 | ---D | C] -- C:\Users\1234\Desktop\Nová složka
[2014.12.14 18:00:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\1234\Desktop\OTL.exe
[2014.12.14 17:06:47 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\1234\Desktop\dds.exe
[2014.12.14 16:58:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.12.14 16:55:36 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2014.12.14 16:55:36 | 000,000,000 | ---D | C] -- C:\Users\1234\AppData\Local\Temp
[2014.12.14 15:47:28 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.12.14 12:37:11 | 000,000,000 | ---D | C] -- C:\Users\1234\Desktop\zoek
[2014.12.14 12:35:40 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014.12.14 12:35:31 | 000,000,000 | ---D | C] -- C:\Users\1234\Desktop\Rar$EXa0.410
[2014.12.14 11:42:28 | 000,000,000 | ---D | C] -- C:\rsit
[2014.12.14 10:37:45 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2014.12.14 10:37:45 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2014.12.14 10:37:45 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2014.12.14 10:37:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2014.12.14 10:37:45 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2014.12.14 10:37:44 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2014.12.14 10:37:44 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2014.12.14 10:37:44 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2014.12.14 10:37:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2014.12.14 10:37:43 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2014.12.14 10:33:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft ASP.NET
[2014.12.14 10:32:11 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014.12.14 10:32:11 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014.12.14 10:32:06 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.12.14 10:32:06 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014.12.14 10:32:06 | 000,600,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.12.14 10:32:05 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.12.14 10:32:05 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.12.14 10:32:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014.12.14 10:32:04 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.12.14 10:32:04 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014.12.14 10:32:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014.12.14 10:32:03 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.12.14 10:32:03 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.12.14 10:32:03 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.12.14 10:32:02 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.12.14 10:32:02 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.12.14 10:32:02 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.12.14 10:32:02 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.12.14 10:32:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.12.14 10:32:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.12.14 10:32:01 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.12.14 10:32:01 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.12.14 10:32:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.12.14 10:32:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.12.14 10:32:00 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014.12.14 10:32:00 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014.12.14 10:31:33 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2014.12.14 10:31:28 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014.12.14 10:31:28 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2014.12.14 10:31:27 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2014.12.14 10:31:27 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2014.12.14 10:31:27 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014.12.14 10:31:17 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014.12.14 10:31:17 | 000,681,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014.12.14 10:31:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014.12.14 10:31:17 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014.12.14 10:30:53 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014.12.14 10:30:33 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManMigrationPlugin.dll
[2014.12.14 10:30:33 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014.12.14 10:30:33 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSManHTTPConfig.exe
[2014.12.14 10:30:33 | 000,248,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManMigrationPlugin.dll
[2014.12.14 10:30:33 | 000,214,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014.12.14 10:30:33 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSManHTTPConfig.exe
[2014.12.14 10:30:33 | 000,181,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmAuto.dll
[2014.12.14 10:30:33 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmAuto.dll
[2014.12.14 10:30:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014.12.14 10:30:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014.12.14 10:30:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014.12.14 10:30:29 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014.12.14 10:30:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014.12.14 10:30:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014.12.14 10:30:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014.12.14 10:30:28 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014.12.14 10:30:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014.12.14 10:30:28 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014.12.14 10:30:17 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2014.12.14 10:29:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.12.14 10:29:56 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.12.14 10:29:51 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014.12.14 10:29:36 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IMJP10K.DLL
[2014.12.14 10:29:36 | 000,701,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IMJP10K.DLL
[2014.12.14 10:29:08 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\charmap.exe
[2014.12.14 10:29:08 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\charmap.exe
[2014.12.14 10:29:05 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014.12.14 10:29:05 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014.12.14 10:28:29 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014.12.12 23:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\VenwUtesi
[2014.12.12 22:48:25 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.12.12 22:48:19 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2014.12.12 22:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
[2014.12.12 22:19:26 | 000,020,160 | ---- | C] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014.12.12 22:19:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Glary Utilities 5
[2014.12.12 22:04:34 | 000,000,000 | ---D | C] -- C:\_OTM
[2014.12.12 21:09:25 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.12.12 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\1234\AppData\Roaming\ESET
[2014.12.12 20:59:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2014.12.12 20:59:16 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2014.12.12 20:59:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2014.12.12 18:27:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2014.12.12 18:25:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2014.12.11 22:10:31 | 001,930,240 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athurx.sys
[2014.12.11 22:10:31 | 001,930,240 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athurx.sys
[2014.12.09 06:45:35 | 000,000,000 | ---D | C] -- C:\Games
[2014.12.08 10:27:33 | 000,000,000 | ---D | C] -- C:\Users\1234\Desktop\kolo

========== Files - Modified Within 7 Days ==========

[2014.12.14 18:06:09 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.12.14 18:00:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\1234\Desktop\OTL.exe
[2014.12.14 17:23:27 | 000,112,323 | ---- | M] () -- C:\Users\1234\Desktop\obrázek002.jpg
[2014.12.14 17:06:58 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\1234\Desktop\dds.exe
[2014.12.14 17:03:02 | 000,010,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.12.14 17:03:02 | 000,010,288 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.12.14 16:59:12 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014.12.14 16:57:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.12.14 16:57:19 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys
[2014.12.14 16:25:20 | 000,000,840 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.12.14 16:24:31 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014.12.14 15:40:35 | 000,015,327 | ---- | M] () -- C:\Users\1234\Desktop\LM.bat
[2014.12.14 12:07:21 | 000,898,290 | ---- | M] () -- C:\Users\1234\Desktop\obrázek001.jpg
[2014.12.14 12:07:19 | 000,701,316 | ---- | M] () -- C:\Users\1234\Desktop\obrázek000.jpg
[2014.12.14 11:32:16 | 001,222,144 | ---- | M] () -- C:\Users\1234\Desktop\RSITx64.exe
[2014.12.14 11:04:13 | 000,902,582 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.12.14 11:04:13 | 000,684,518 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.12.14 11:04:13 | 000,146,932 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.12.14 11:04:13 | 000,052,968 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.12.14 11:04:13 | 000,026,378 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.12.14 10:55:18 | 000,418,760 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.12.12 22:19:32 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2014.12.12 22:19:26 | 000,020,160 | ---- | M] (Glarysoft Ltd) -- C:\Windows\SysNative\drivers\GUBootStartup.sys
[2014.12.12 21:08:58 | 002,166,272 | ---- | M] () -- C:\Users\1234\Desktop\AdwCleaner.exe
[2014.12.12 18:27:18 | 000,000,977 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014.12.12 10:57:27 | 000,311,116 | ---- | M] () -- C:\Users\1234\Desktop\obrázek015.jpg
[2014.12.12 10:57:26 | 000,345,774 | ---- | M] () -- C:\Users\1234\Desktop\obrázek014.jpg
[2014.12.12 10:56:52 | 000,298,965 | ---- | M] () -- C:\Users\1234\Desktop\obrázek013.jpg
[2014.12.12 10:56:51 | 000,271,052 | ---- | M] () -- C:\Users\1234\Desktop\obrázek012.jpg
[2014.12.12 10:55:17 | 000,212,926 | ---- | M] () -- C:\Users\1234\Desktop\obrázek010.jpg
[2014.12.12 10:03:51 | 000,208,909 | ---- | M] () -- C:\Users\1234\Desktop\obrázek008.jpg
[2014.12.12 10:01:44 | 000,740,691 | ---- | M] () -- C:\Users\1234\Desktop\obrázek007.jpg
[2014.12.11 22:08:13 | 013,206,671 | ---- | M] () -- C:\Users\1234\Desktop\TL-WN722N_V1_131113.zip
[2014.12.09 06:49:42 | 000,001,724 | ---- | M] () -- C:\Users\1234\Desktop\Play SimCity 2013 Offline.lnk
[2014.12.08 13:12:00 | 000,002,181 | ---- | M] () -- C:\Users\1234\Desktop\Kamery.lnk

========== Files Created - No Company Name ==========

[2014.12.14 18:06:09 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.12.14 16:55:37 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014.12.14 15:40:35 | 000,015,327 | ---- | C] () -- C:\Users\1234\Desktop\LM.bat
[2014.12.14 12:08:38 | 000,112,323 | ---- | C] () -- C:\Users\1234\Desktop\obrázek002.jpg
[2014.12.14 12:07:21 | 000,898,290 | ---- | C] () -- C:\Users\1234\Desktop\obrázek001.jpg
[2014.12.14 12:07:19 | 000,701,316 | ---- | C] () -- C:\Users\1234\Desktop\obrázek000.jpg
[2014.12.14 11:32:14 | 001,222,144 | ---- | C] () -- C:\Users\1234\Desktop\RSITx64.exe
[2014.12.12 22:19:32 | 000,001,088 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
[2014.12.12 22:19:32 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
[2014.12.12 22:19:29 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize 5.job
[2014.12.12 21:08:56 | 002,166,272 | ---- | C] () -- C:\Users\1234\Desktop\AdwCleaner.exe
[2014.12.12 18:27:18 | 000,000,977 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2015.lnk
[2014.12.12 10:57:27 | 000,311,116 | ---- | C] () -- C:\Users\1234\Desktop\obrázek015.jpg
[2014.12.12 10:57:26 | 000,345,774 | ---- | C] () -- C:\Users\1234\Desktop\obrázek014.jpg
[2014.12.12 10:56:52 | 000,298,965 | ---- | C] () -- C:\Users\1234\Desktop\obrázek013.jpg
[2014.12.12 10:56:51 | 000,271,052 | ---- | C] () -- C:\Users\1234\Desktop\obrázek012.jpg
[2014.12.12 10:55:17 | 000,212,926 | ---- | C] () -- C:\Users\1234\Desktop\obrázek010.jpg
[2014.12.12 10:03:51 | 000,208,909 | ---- | C] () -- C:\Users\1234\Desktop\obrázek008.jpg
[2014.12.12 10:01:44 | 000,740,691 | ---- | C] () -- C:\Users\1234\Desktop\obrázek007.jpg
[2014.12.11 22:10:31 | 000,027,040 | ---- | C] () -- C:\Windows\SysNative\netathurx.inf
[2014.12.11 22:10:31 | 000,007,518 | ---- | C] () -- C:\Windows\SysNative\athurextx.cat
[2014.12.11 22:08:12 | 013,206,671 | ---- | C] () -- C:\Users\1234\Desktop\TL-WN722N_V1_131113.zip
[2014.12.09 06:49:42 | 000,001,724 | ---- | C] () -- C:\Users\1234\Desktop\Play SimCity 2013 Offline.lnk
[2014.11.13 17:17:23 | 001,208,831 | ---- | C] () -- C:\Windows\unins000.exe
[2014.11.13 17:17:23 | 000,030,456 | ---- | C] () -- C:\Windows\unins000.dat
[2014.11.01 22:41:14 | 000,000,664 | ---- | C] () -- C:\Windows\SysWow64\sys32.dll
[2014.10.19 18:12:04 | 000,000,204 | ---- | C] () -- C:\Users\1234\advanced_ip_scanner_Favorites.bin
[2014.10.19 18:12:04 | 000,000,004 | ---- | C] () -- C:\Users\1234\advanced_ip_scanner_MAC.bin
[2014.09.20 03:39:30 | 000,000,155 | ---- | C] () -- C:\ProgramData\RmUserCfg.ini
[2014.09.20 03:39:30 | 000,000,044 | ---- | C] () -- C:\ProgramData\Logo_Language.ini
[2014.09.20 03:39:30 | 000,000,000 | ---- | C] () -- C:\ProgramData\IpAndPort.fig
[2014.09.19 20:38:40 | 000,000,417 | ---- | C] () -- C:\Windows\DxClient.INI
[2014.09.19 07:59:29 | 000,000,366 | ---- | C] () -- C:\Windows\DXCLIE~1.INI
[2014.09.07 11:53:10 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumnchtqd.exe
[2014.09.07 11:53:10 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmnchtqd.exe
[2014.09.07 11:53:10 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmnchtqd.exe
[2014.09.07 11:40:04 | 000,009,596 | ---- | C] () -- C:\Users\1234\AppData\Roaming\msvase.dat
[2014.09.07 11:40:03 | 000,000,028 | ---- | C] () -- C:\Users\1234\AppData\Roaming\msjysjh.dat
[2014.09.07 11:39:45 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumncvgsd.exe
[2014.09.07 11:39:45 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmncvgsd.exe
[2014.09.07 11:39:45 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmncvgsd.exe
[2014.09.07 11:25:18 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmncjirbdb.exe
[2014.09.07 11:25:18 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmncjirbdb.exe
[2014.09.07 11:25:17 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumncjirbdb.exe
[2014.06.18 18:48:37 | 000,000,758 | ---- | C] () -- C:\Windows\HolidayMode.ini
[2014.06.18 16:31:58 | 000,541,696 | ---- | C] () -- C:\Windows\SysWow64\IPCDCore.dll
[2014.06.18 16:31:58 | 000,223,744 | ---- | C] () -- C:\Windows\SysWow64\NetworkAPI.dll
[2014.06.18 16:31:58 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\decode.dll
[2014.06.18 16:31:58 | 000,001,147 | ---- | C] () -- C:\Windows\SysWow64\IPCamera.ini
[2014.06.18 16:31:58 | 000,000,396 | ---- | C] () -- C:\Windows\SysWow64\wm.bin
[2014.05.14 17:00:33 | 000,000,003 | ---- | C] () -- C:\Users\1234\stut
[2014.05.14 17:00:20 | 000,234,010 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302GeForce GTX 650gv1w256l4.bin
[2014.05.14 16:58:21 | 000,000,330 | ---- | C] () -- C:\Users\1234\rgut
[2014.05.13 20:37:08 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumnciqvi.exe
[2014.05.13 20:37:08 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmnciqvi.exe
[2014.05.13 20:37:08 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmnciqvi.exe
[2014.05.13 18:58:51 | 000,972,814 | --S- | C] () -- C:\Windows\SysWow64\dcgmncltasry.exe
[2014.05.13 18:58:51 | 000,187,904 | --S- | C] () -- C:\Windows\SysWow64\lcpmncltasry.exe
[2014.05.13 18:58:50 | 010,236,928 | --S- | C] () -- C:\Windows\SysWow64\acumncltasry.exe
[2014.05.13 18:58:50 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014.05.13 18:58:50 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014.05.13 18:58:50 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014.05.13 18:58:50 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2014.04.25 18:17:11 | 000,000,026 | ---- | C] () -- C:\Windows\VideoPlayer.INI
[2014.04.19 23:29:00 | 000,000,118 | ---- | C] () -- C:\Windows\SysWow64\config_hdp_148CF244CB4A4467BE7989DC2B67D9B6.ini
[2014.04.19 21:05:51 | 000,000,021 | ---- | C] () -- C:\Windows\UMS_Client.INI
[2014.04.19 21:05:06 | 002,449,920 | ---- | C] () -- C:\Windows\SysWow64\CNC_Ctrl.dll
[2014.04.19 20:18:09 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\NdUnreg.dll
[2014.04.15 19:28:18 | 000,000,140 | ---- | C] () -- C:\Windows\NView04.dat
[2014.03.15 16:21:56 | 000,442,368 | ---- | C] ( ) -- C:\Windows\SysWow64\lexlog.dll
[2014.03.15 16:20:57 | 000,430,080 | ---- | C] ( ) -- C:\Windows\SysWow64\LMUD1P32comc.dll
[2014.03.06 19:40:42 | 003,211,264 | ---- | C] () -- C:\Windows\SysWow64\AVC_AX_742_VIEWER.dll
[2014.02.10 22:24:07 | 000,000,807 | ---- | C] () -- C:\Windows\FWDN_V7_CFG.ini
[2014.02.10 22:24:07 | 000,000,741 | ---- | C] () -- C:\Windows\FWDN_V7_0.INI
[2014.01.22 19:37:26 | 000,007,641 | ---- | C] () -- C:\Users\1234\AppData\Local\Resmon.ResmonCfg
[2014.01.22 19:09:19 | 000,943,044 | ---- | C] () -- C:\Windows\SysWow64\scrypt130511GeForce GTX 650glg2tc1984w256l4.bin
[2014.01.22 19:07:30 | 000,000,053 | ---- | C] () -- C:\Users\1234\rgmnr
[2014.01.22 16:45:05 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
[2013.12.21 22:00:15 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2013.12.21 22:00:15 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll
[2013.12.21 22:00:15 | 000,000,317 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2013.12.21 21:59:24 | 000,003,518 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2013.12.21 21:59:24 | 000,000,922 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2013.12.21 21:59:23 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2013.12.21 15:23:29 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.21 15:03:07 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013.12.05 16:43:20 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\utf8_2_font.dll
[2013.07.18 13:53:20 | 000,221,184 | ---- | C] () -- C:\Windows\SysWow64\AVC_AX_742_H264.dll
[2013.06.07 15:31:40 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\AVC_AX_742_JPEG.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

OTL.Txt 2 část

========== LOP Check ==========

[2014.11.26 15:38:48 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\.minecraft
[2014.10.11 07:37:20 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\AVG
[2014.09.20 14:10:56 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\AVG2015
[2014.10.11 01:44:56 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\ERoot
[2014.12.12 21:00:46 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\ESET
[2014.12.12 22:19:40 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\GlarySoft
[2014.11.30 14:13:21 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\HamsterSoft
[2014.11.30 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\IObit
[2014.02.25 18:42:08 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\IsolatedStorage
[2014.04.19 23:21:14 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\iSpy
[2014.11.13 10:14:17 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support
[2014.12.12 21:31:45 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\KYE 7Key
[2014.01.01 13:40:36 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Milestone
[2014.09.14 18:05:45 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\MyPhoneExplorer
[2014.01.25 22:24:38 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\NUUO
[2014.11.30 14:16:40 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Obnovi Soft
[2013.12.31 08:01:14 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Opera Software
[2014.01.23 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Origin
[2014.09.05 20:59:33 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\PotPlayerMini64
[2014.11.30 14:15:15 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\ProductData
[2014.10.11 07:35:47 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\rmi
[2014.11.03 02:44:25 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Steam
[2013.12.25 17:31:33 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\TeamViewer
[2014.04.20 00:48:59 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\TuneUp Software
[2013.12.22 09:11:36 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Wargaming.net
[2014.11.30 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Yandex
[2014.09.18 18:17:41 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Zoner
[2014.11.15 02:04:13 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2014.11.15 02:04:13 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,628 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.12.12 22:19:29 | 000,000,326 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize 5.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.01.04 06:41:01 | 001,893,224 | ---- | M] (Microsoft Corporation) MD5=5CFB7AB8F9524D1A1E14369DE63B83CC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_0f6a6af57fd59de6\tcpip.sys
[2013.01.03 06:57:12 | 001,876,824 | ---- | M] (Microsoft Corporation) MD5=692969AB90BDA19F56E27BF89A9260E2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_0fe8397098fc3d71\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.01.03 07:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2013.01.04 06:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< >

< %systemroot%*.* /U /s >
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[7 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[34 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\spp\tokens\pkeyconfig\*.tmp files -> C:\Windows\System32\spp\tokens\pkeyconfig\*.tmp -> ]
[1 C:\Windows\SysWOW64\spp\tokens\pkeyconfig\*.tmp files -> C:\Windows\SysWOW64\spp\tokens\pkeyconfig\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.11.26 15:38:48 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\.minecraft
[2014.01.22 00:27:24 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Adobe
[2014.11.30 14:14:10 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Apple Computer
[2014.10.11 07:37:20 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\AVG
[2014.09.20 14:10:56 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\AVG2015
[2014.09.20 18:19:31 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\DivX
[2014.10.11 01:44:56 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\ERoot
[2014.12.12 21:00:46 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\ESET
[2014.12.12 22:19:40 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\GlarySoft
[2014.11.30 14:13:21 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\HamsterSoft
[2014.11.30 20:46:52 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\InstallShield
[2014.11.30 14:14:22 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\IObit
[2014.02.25 18:42:08 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\IsolatedStorage
[2014.04.19 23:21:14 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\iSpy
[2014.11.13 10:14:17 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support
[2014.12.12 21:31:45 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\KYE 7Key
[2013.12.21 23:17:55 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Macromedia
[2014.11.30 15:10:57 | 000,000,000 | --SD | M] -- C:\Users\1234\AppData\Roaming\Microsoft
[2014.01.01 13:40:36 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Milestone
[2014.11.30 14:13:29 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Mozilla
[2014.09.14 18:05:45 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\MyPhoneExplorer
[2014.01.25 22:24:38 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\NUUO
[2014.01.22 19:09:06 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\NVIDIA
[2014.11.30 14:16:40 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Obnovi Soft
[2013.12.31 08:01:14 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Opera Software
[2014.01.23 15:23:17 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Origin
[2014.09.05 20:59:33 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\PotPlayerMini64
[2014.11.30 14:15:15 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\ProductData
[2014.10.11 07:35:47 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\rmi
[2014.09.19 16:51:46 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Skype
[2014.11.03 02:44:25 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Steam
[2013.12.25 17:31:33 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\TeamViewer
[2014.04.20 00:48:59 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\TuneUp Software
[2014.10.26 03:09:14 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\vlc
[2013.12.22 09:11:36 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Wargaming.net
[2013.12.21 18:49:18 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\WinRAR
[2014.11.30 15:10:57 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Yandex
[2014.09.18 18:17:41 | 000,000,000 | ---D | M] -- C:\Users\1234\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2013.06.18 13:37:24 | 001,307,662 | ---- | M] () -- C:\Users\1234\AppData\Roaming\ERoot\resource\bin\bec.exe
[2013.06.18 13:37:24 | 000,157,184 | ---- | M] () -- C:\Users\1234\AppData\Roaming\ERoot\resource\bin\fbt.exe
[2014.11.30 14:14:08 | 000,588,576 | ---- | M] () -- C:\Users\1234\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2014.11.30 14:14:09 | 000,776,992 | ---- | M] () -- C:\Users\1234\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.11.10 15:13:02 | 002,197,792 | ---- | M] (IObit) -- C:\Users\1234\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2014.11.13 10:13:50 | 000,073,216 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-JWrapper-00030482936-complete\lzma.exe
[2014.11.13 10:13:51 | 000,090,112 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-JWrapper-00030482936-complete\SimpleService.exe
[2014.11.13 10:14:11 | 000,080,672 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Remote Support-00030482963-complete\elev_win.exe
[2014.11.13 10:14:12 | 000,483,512 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Remote Support-00030482963-complete\Remote SupportWinLauncher.exe
[2014.11.13 10:14:11 | 000,072,480 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Remote Support-00030482963-complete\session_win.exe
[2014.11.13 10:14:12 | 000,062,248 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Remote Support-00030482963-complete\shcad.exe
[2014.11.13 10:14:12 | 000,101,160 | ---- | M] () -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Remote Support-00030482963-complete\SimpleService.exe
[2014.11.13 10:13:59 | 000,053,344 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\java.exe
[2014.11.13 10:13:59 | 000,053,346 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\javaw.exe
[2014.11.13 10:13:59 | 000,053,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\pack200.exe
[2014.11.13 10:14:05 | 000,053,346 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\Remote Support.exe
[2014.11.13 10:13:59 | 000,053,346 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\Remote SupportECompatibility.exe
[2014.11.13 10:13:59 | 000,020,593 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\ssvagent.exe
[2014.11.13 10:14:00 | 000,127,101 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\1234\AppData\Roaming\JWrapper-Remote Support\JWrapper-Windows64JRE-00028603271-complete\bin\unpack200.exe
[2013.12.21 19:28:13 | 007,391,320 | ---- | M] (ZONER software ) -- C:\Users\1234\AppData\Roaming\Zoner\NLMDB\product.0032\autoupdate.cz\ZPS12_Update_Build12.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.12.14 16:59:12 | 000,000,326 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize 5.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"GUDelayStartup" = "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun -- [2014.12.08 06:47:24 | 000,037,152 | ---- | M] (Glarysoft Ltd)
"VenwUtesi" = regsvr32.exe "C:\ProgramData\VenwUtesi\EateTyux.hel" -- [2009.07.14 02:14:30 | 000,014,848 | ---- | M] (Microsoft Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.11.21 08:40:42 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=55F99137468CF692802C7C192C422F2C -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.12.14 18:06:09 | 000,000,512 | ---- | M] () MD5=68AE540F5899F7D1308BFD25D17E94AB -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.09.26 19:06:38 | 000,002,556 | ---- | M] () -- \Users\1234\AppData\Local\Microsoft\Internet Explorer\DOMStore\1UAEC8WA\crack7.altervista[1].xml
[2014.09.26 19:05:04 | 000,000,678 | ---- | M] () -- \Users\1234\AppData\Local\Microsoft\Internet Explorer\DOMStore\P1IWKWND\hdd-regenerator-2014-crack.blogspot[1].xml
[2014.11.03 02:38:00 | 000,000,473 | ---- | M] () -- \Users\1234\AppData\Roaming\Microsoft\Office\Naposledy otevřené\Farming Simulator 15 cz + crack.LNK
[2014.12.08 17:19:21 | 000,000,751 | ---- | M] () -- \Users\1234\AppData\Roaming\Microsoft\Windows\Recent\rebuilt.SimCity-5-2013-offline-crack-cz.lnk
[2014.12.08 15:51:07 | 000,000,718 | ---- | M] () -- \Users\1234\AppData\Roaming\Microsoft\Windows\Recent\SimCity-5-(cracknuto+cz).lnk
[2014.12.14 11:00:22 | 000,000,723 | ---- | M] () -- \Users\1234\AppData\Roaming\Microsoft\Windows\Recent\SimCity-5-2013-offline-crack-cz.lnk
[2014.12.08 17:23:39 | 000,000,715 | ---- | M] () -- \Users\1234\AppData\Roaming\Microsoft\Windows\Recent\SimCity-5-2013-offline-crack-cz.rar.lnk
[2014.12.14 10:09:13 | 000,000,388 | ---- | M] () -- \Users\1234\Favorites\Links\SimCity 5 (cracknuto+cz).zip Ulož.url
[2014.12.14 10:09:13 | 000,001,968 | ---- | M] () -- \Users\1234\Favorites\Links\SimCity 5 2013 offline crack cz.rar Ulož.url

< *keygen* /s >
[2014.03.30 09:50:18 | 008,455,575 | ---- | M] () -- \Program Files (x86)\HDD Regenerator 1.71+Keygen [h33t][MurtajiZ]\HDD Regenerator 1.71+Keygen [h33t][MurtajiZ].zip
[2014.09.26 19:08:06 | 000,001,457 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Regenerator 1.71+Keygen [h33t][MurtajiZ]\HDD Regenerator 1.71+Keygen [h33t][MurtajiZ].lnk
[2014.09.26 19:08:06 | 000,001,457 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\HDD Regenerator 1.71+Keygen [h33t][MurtajiZ]\HDD Regenerator 1.71+Keygen [h33t][MurtajiZ].lnk

< *loader* /s >
[2014.08.17 19:16:48 | 000,000,006 | ---- | M] () -- \7Loader.TAG
[2013.09.19 21:38:04 | 001,177,888 | ---- | M] () -- \NVIDIA\DisplayDriver\331.58\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\332.21\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014.09.17 03:10:49 | 001,170,240 | ---- | M] () -- \NVIDIA\DisplayDriver\344.11\Win8_WinVista_Win7_64\English\GFExperience\ExtensionLoader.dll
[2013.12.10 03:13:27 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\ExtensionLoader.dll
[2013.11.14 12:56:55 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForceR331GameReadyDriver\GFExperience\ExtensionLoader.dll
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[1999.12.12 00:00:00 | 000,014,515 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZ.i3d
[1999.12.12 00:00:00 | 000,336,796 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZ.i3d.shapes
[1999.12.12 00:00:00 | 000,007,584 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZ.xml
[1999.12.12 00:00:00 | 001,398,256 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZDecal_diffuse.dds
[1999.12.12 00:00:00 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZDecal_specular.dds
[1999.12.12 00:00:00 | 000,007,576 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZNH.xml
[1999.12.12 00:00:00 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZ_diffuse.dds
[1999.12.12 00:00:00 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZ_normal.dds
[1999.12.12 00:00:00 | 001,398,256 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderFZ_specular.dds
[1999.12.12 00:00:00 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderImplements_diffuse.dds
[1999.12.12 00:00:00 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderImplements_normal.dds
[1999.12.12 00:00:00 | 002,796,344 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\frontLoaders\stoll\stollFrontLoaderImplements_specular.dds
[1999.12.12 00:00:00 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\store\store_stollFrontLoaderFZ.dds
[1999.12.12 00:00:00 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\store\store_stollFrontLoaderFZNH.dds
[1999.12.12 00:00:00 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\store\store_wheelLoaderFork.dds
[1999.12.12 00:00:00 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\store\store_wheelLoaderLogFork.dds
[1999.12.12 00:00:00 | 000,262,272 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\store\store_wheelLoaderShovel.dds
[1999.12.12 00:00:00 | 000,002,952 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderFork.i3d
[1999.12.12 00:00:00 | 000,067,600 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderFork.i3d.shapes
[1999.12.12 00:00:00 | 000,000,910 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderFork.xml
[1999.12.12 00:00:00 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderImplements_diffuse.dds
[1999.12.12 00:00:00 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderImplements_normal.dds
[1999.12.12 00:00:00 | 000,699,192 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderImplements_specular.dds
[1999.12.12 00:00:00 | 000,004,556 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderLogFork.i3d
[1999.12.12 00:00:00 | 000,220,048 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderLogFork.i3d.shapes
[1999.12.12 00:00:00 | 000,001,911 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderLogFork.xml
[1999.12.12 00:00:00 | 000,005,211 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderShovel.i3d
[1999.12.12 00:00:00 | 000,267,604 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderShovel.i3d.shapes
[1999.12.12 00:00:00 | 000,003,890 | ---- | M] () -- \Program Files (x86)\Farming Simulator 15\data\vehicles\wheelLoaders\lizard\wheelLoaderShovel.xml
[2014.01.08 15:24:26 | 000,003,208 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_IP\www\yui\build\assets\skins\sam\ajax-loader.gif
[2014.01.08 15:24:28 | 000,003,208 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_IP\www\yui\build\carousel\assets\ajax-loader.gif
[2014.01.08 15:24:28 | 000,003,208 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_IP\www\yui\build\carousel\assets\skins\sam\ajax-loader.gif
[2013.06.25 11:50:50 | 000,005,268 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_IP\www\yui\build\imageloader\imageloader-min.js
[2014.01.08 15:24:28 | 000,007,101 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_IP\www\yui\build\uploader\assets\uploader.swf
[2013.11.27 11:43:22 | 000,003,208 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\assets\skins\sam\ajax-loader.gif
[2013.11.27 11:43:24 | 000,003,208 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\carousel\assets\ajax-loader.gif
[2013.11.27 11:43:24 | 000,003,208 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\carousel\assets\skins\sam\ajax-loader.gif
[2013.11.27 11:43:24 | 000,005,268 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\imageloader\imageloader-min.js
[2013.11.27 11:43:24 | 000,011,361 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\uploader\uploader-min.js
[2013.11.27 11:43:24 | 000,007,101 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\uploader\assets\uploader.swf
[2013.11.27 11:43:24 | 000,029,500 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\yuiloader\yuiloader-min.js
[2013.11.27 11:43:22 | 000,060,327 | ---- | M] () -- \Program Files (x86)\NUUO\SCB_MPEG4_Hybrid\www\yui\build\yuiloader-dom-event\yuiloader-dom-event.js
[2014.09.17 03:10:49 | 001,170,240 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2014.06.10 15:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014.06.10 15:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014.06.10 15:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014.06.10 15:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011.10.04 22:14:24 | 000,071,008 | ---- | M] () -- \Program Files (x86)\Portable\Farming Simulator 2013 v1.3\PhysXLoader.dll
[2010.03.15 11:28:24 | 000,045,056 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2010.04.29 14:12:38 | 000,673,160 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Facebook\ZPSFacebookUploader.exe
[2010.04.29 14:12:40 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Facebook\ZPSPluginLoader.exe
[2010.04.29 14:12:42 | 000,686,984 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Flickr\ZPSFlickrUploader.exe
[2010.04.29 14:12:42 | 000,053,640 | ---- | M] () -- \Program Files (x86)\Zoner\Photo Studio 12\Plugins\Flickr\ZPSPluginLoader.exe
[2014.04.19 23:49:00 | 000,000,108 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20140420_004046\Datastore\_Extension_Agent_SqlResourceLoaderPath.xml
[2014.04.20 00:28:33 | 000,000,108 | ---- | M] () -- \Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20140420_012359\Datastore\_Extension_Agent_SqlResourceLoaderPath.xml
[2013.09.19 21:38:04 | 001,177,888 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{DAFAA540-F008-42DE-BE10-941DCA6F6F09}\ExtensionLoader.dll
[2013.12.10 03:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{F3E8FB09-110C-4C85-9BFF-1DF4B8AC8295}\ExtensionLoader.dll
[2013.12.01 14:09:05 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2014.12.14 18:23:56 | 000,003,208 | ---- | M] () -- \Users\1234\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GTZR12N9\ajax-loader[1].gif
[2014.12.14 18:23:55 | 000,003,208 | ---- | M] () -- \Users\1234\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QCIT0B3Q\be1cede9.ajax-loader[1].gif
[2013.06.18 13:37:06 | 000,049,699 | ---- | M] () -- \Users\1234\AppData\Roaming\ERoot\skin\lua_unlock_htc_bootloader.png
[2014.11.07 13:01:42 | 000,006,622 | ---- | M] () -- \Users\1234\AppData\Roaming\Mozilla\Extensions\jid1-n5ARdBzHkUEdAA@jetpack\resources\addon-sdk\lib\sdk\content\loader.js
[2014.11.07 13:01:42 | 000,002,517 | ---- | M] () -- \Users\1234\AppData\Roaming\Mozilla\Extensions\jid1-n5ARdBzHkUEdAA@jetpack\resources\addon-sdk\lib\sdk\l10n\loader.js
[2014.11.07 13:01:42 | 000,004,066 | ---- | M] () -- \Users\1234\AppData\Roaming\Mozilla\Extensions\jid1-n5ARdBzHkUEdAA@jetpack\resources\addon-sdk\lib\sdk\windows\loader.js
[2014.11.07 13:01:42 | 000,018,305 | ---- | M] () -- \Users\1234\AppData\Roaming\Mozilla\Extensions\jid1-n5ARdBzHkUEdAA@jetpack\resources\addon-sdk\lib\toolkit\loader.js
[2014.12.14 10:09:16 | 000,000,526 | ---- | M] () -- \Users\1234\Favorites\Renek\PC\http--downloader.zex.cz-index.phpPHPSESSID=dc3d8a82970c17e02babe3599cd627c6&url=http%3A%2F%2Fwww.stream.cz%2Fuservideo%2F364439-chcete-vedet-co-s-vami-udelaji-drogy-za-volantem.url
[2013.06.19 15:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013.06.19 15:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013.11.11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013.11.11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013.06.19 15:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013.12.21 18:25:54 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:26:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_66fe4899953f502c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 15:12:39 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_677d175eae65090e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 16:17:49 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 16:17:49 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2009.07.14 16:17:49 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2009.07.14 16:17:49 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2009.07.14 16:17:49 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014.01.21 08:04:50 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.01.21 08:04:50 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2014.01.21 08:04:50 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2014.01.21 08:04:50 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2014.01.21 08:04:50 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.08 21:43:09 | 000,007,786 | ---- | M] () -- \zoek_backup\C_Users_1234_Documents_Add-in Express\adxloader.log

========== Alternate Data Streams ==========

@Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:D78D6FF7
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:B755D674
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1AAB2E68

< End of report >

Extras.Txt

OTL Extras logfile created on: 14.12.2014 18:51:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\1234\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17183)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 53,27% Memory free
8,00 Gb Paging File | 5,97 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 98,48 Gb Total Space | 27,37 Gb Free Space | 27,80% Space Free | Partition Type: NTFS
Drive D: | 367,19 Gb Total Space | 140,78 Gb Free Space | 38,34% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 216,19 Gb Free Space | 92,83% Space Free | Partition Type: NTFS

Computer Name: 1234-PC | User Name: 1234 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"7026:TCP" = 7026:TCP:*:Enabled:Remote Assistance Local
"5692:TCP" = 5692:TCP:*:Enabled:Remote Assistance Remote

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04D6E754-1019-4B0B-83E3-D60AEB6691B0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{093275EC-0411-4638-A801-DA6C5BEB049A}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{0AF71C5C-0DE9-418E-B2E4-C323CC27D92D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0FEB0D9D-C732-4447-8F7E-835062F20AF2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{111781EE-A653-45A7-A905-93BBBF454A64}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{15AD336C-FCE8-4298-A06C-4976D32BC4E5}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{1CA0E407-F44F-4FA9-83A6-75E4AB482012}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{1F77EE0F-3C4D-4A6A-8195-F8A0F8ACBC61}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{2259FF58-F671-4C50-AE3E-0E26FEF5D8F3}" = rport=445 | protocol=6 | dir=out | app=system |
"{2953F3EF-34A8-418F-BF2F-015080562979}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{29B33EF4-5546-4CE9-8F02-2D45B9E75E1A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37E68232-302B-4520-A8F1-9C2FF9225DFB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{383ED1DA-E6AA-4C17-B47E-A5DE271E8405}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3E0923E0-BC38-43AC-952A-8889B692264A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3F764451-5566-4439-9A92-8CA32FEE343A}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{43CE1DEB-175A-47E2-9053-64751414D71B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{44006BF5-D56A-46C8-9EDC-E2712B8DAE66}" = rport=139 | protocol=6 | dir=out | app=system |
"{461FAA33-2528-404A-BC09-EFC6E1711117}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4E795813-7232-436D-809A-5321E03A3260}" = rport=138 | protocol=17 | dir=out | app=system |
"{4EAB1850-0AD5-4676-85F5-798AB1DF921E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{551536E9-2E24-46C0-863F-7B0A3DE63B6D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{57CB1DDB-595F-43D7-9FD0-26699688D557}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{59630826-021D-47FF-AC8D-E17F9439F694}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{59A81367-42BD-4E8D-AE44-C465C877BEA7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{59B77B60-A343-4500-B776-F624E43BB9B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5DB6C7FF-ABDE-42EE-B3A4-861001A581A0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{5DD50C18-F038-4417-B455-2F988A58A1BE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5E78CBBA-EC24-435D-8F09-1F9B6E721CF9}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{63A9350A-AC67-4CB6-A793-F1D7C487BB57}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{668E1E31-542D-42FA-A7D8-B401462F7716}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6CB30A43-A871-4A31-B842-4668DBE9409D}" = rport=137 | protocol=17 | dir=out | app=system |
"{6E33F21A-08BB-44E1-B900-9D9673C784FE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7AEDC375-3310-494B-90CD-15762442CF9B}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7B5600AD-1ABA-4FED-A668-4EDEAD142D7B}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7DE19F8C-609A-4314-B02E-809E1611FF7D}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{7E593863-9100-456A-A15D-6B7E91C64D89}" = rport=10243 | protocol=6 | dir=out | app=system |
"{811D14A9-7250-4E05-AE2B-8E1BC0A94B2E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{827BB485-D6C1-4D52-B0ED-7692EB1D672B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8330CB72-ECE4-4154-8E1C-9506E78BBA31}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{83E0F7A2-EA2A-498D-B49C-0A88CF475737}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{85E4E94F-959A-47E2-B22E-F45357F86161}" = lport=445 | protocol=6 | dir=in | app=system |
"{893EDAE2-9541-452A-95C1-365F1C3B77B0}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8DCE8593-EE3F-4719-A782-7CE83C02CD42}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8F9B6594-6873-431C-95CE-53B33677D09C}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{94A5D176-85FA-4FE2-ADB4-C43B69ECFBE9}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{95C35A14-3B72-469B-8D40-0C8D483B35BA}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{998EC8A3-AF26-496C-AB48-3E5D0D34B186}" = rport=2869 | protocol=6 | dir=out | app=system |
"{99BCDAF6-7AB1-436F-A539-D3198CB53ADB}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{9AE3AB34-6739-4A1F-9570-B4A9192BDB31}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{A31275F9-1F8C-477F-B0CF-EF33B4AEDE23}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A47851F7-B524-4103-B6F8-01306FCCDE04}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A56B7736-6BDF-4314-A2A1-E488AB205866}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A819FBDF-D991-4EE3-8B52-31AFA789617F}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{AC7C6F16-5C29-4BC0-842E-E50D8A2026B5}" = lport=138 | protocol=17 | dir=in | app=system |
"{BCFF9381-3DD1-4FC2-B1FE-0A5EDA0648CC}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{C3E4E0ED-A21D-4EE0-95C4-A50B328363C4}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{C90E57CE-155E-4E1D-B9E2-49A262EDA66B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C98EC2F9-FBC4-4642-AE95-FB484300030C}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CF4D26EE-30AE-4550-82B8-CD41CE1195A7}" = lport=137 | protocol=17 | dir=in | app=system |
"{D6EEF12C-4C31-43EB-92E5-82DB605A741C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D7F472D1-A314-40ED-BB8C-EE13FE2C7A5F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB155A12-797B-427E-8673-D5C8054CA69E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DB4C8B17-FDDE-4E8F-8F78-E01AD73F1ED0}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E6EDB4B2-4802-4F2A-AC9B-B4A189BA54A2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EC0ACF67-E7CA-4B1F-B71D-9B90F2CD7AF5}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{F3E4C019-8A37-4055-9E88-2F9EDABC0211}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F7A1A564-1D58-48F2-AA34-B420520759DD}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{FCB10926-A007-4864-B177-7C4533D981CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FF4EA922-4442-45A5-972E-376196261226}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00379B9B-7EBB-4191-B064-845364E63B91}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{03AC3790-55C8-4E4B-9D0C-B9BD9FCD438F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0639D467-D638-4935-A282-5FCF79C192A7}" = protocol=17 | dir=in | app=c:\program files (x86)\wlite\wlite.exe |
"{07821CBC-9245-4972-88B2-9C46D33883EF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{09B395E3-D630-46EA-A2A1-A0DC31EDAAC2}" = protocol=6 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\nru.exe |
"{0FA2F74B-A304-419A-9756-BA7D9629C830}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{0FE2C9E7-280A-4E40-809B-C1802642D8BC}" = protocol=6 | dir=out | app=system |
"{1B40FC13-1435-481C-9F38-0C339F592A21}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{207A22AB-B2A6-4E36-8ED3-487D10F89434}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{20BEA768-A652-468B-9C7D-44D9C466E064}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{215CE0EB-096D-46F5-8469-534887CA55AB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{22B98DBD-C9EE-4E89-BF76-006C5F50F088}" = protocol=6 | dir=in | app=c:\lexmark\lexmark_universal_v2_ud1_installation_package\installationpackage\install\x64\installgui.exe |
"{25D7B1D8-D524-4307-9A46-24CD9DC1B174}" = protocol=6 | dir=in | app=d:\hdd 500 gb záloha\hry\rebuilt.simcity-5-2013-offline-crack-cz\simcity 2013 offline\simcity\simcity.exe |
"{2B6850B9-D723-48D6-8FF0-385FF4B630C2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{2EA2FAB8-9892-4CCF-AEEF-AB7B3E334BC1}" = protocol=17 | dir=in | app=c:\users\1234\appdata\local\temp\dl.exe |
"{3562B68F-97B4-44FF-81E3-81E35596E83D}" = protocol=6 | dir=in | app=c:\users\1234\appdata\local\temp\rar$exa0.084\simcity 2013 offline\simcity\simcity.exe |
"{36BB58B3-F16F-4114-9695-EE29BE05CFAD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D2229B4-52A8-43FC-AC8D-DA2608E4638D}" = protocol=6 | dir=in | app=e:\hry\rebuilt.simcity-5-2013-offline-crack-cz\simcity 2013 offline\simcity\simcity.exe |
"{3E00FB64-FAB3-49D5-BD69-ED97F6DF808A}" = protocol=17 | dir=in | app=c:\lexmark\lexmark_universal_v2_ud1_installation_package\installationpackage\install\x64\installgui.exe |
"{491C571C-2771-4F36-A669-847050722672}" = protocol=17 | dir=in | app=c:\games\simcity 2013 offline\simcity\simcity.exe |
"{4C6C744F-0C00-4103-95E7-A7E34AA92958}" = protocol=6 | dir=in | app=c:\program files (x86)\wlite\wlite.exe |
"{55BE6F85-A132-4065-9AFF-42A0D0AC1715}" = protocol=6 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\cms.exe |
"{56A404D1-FC05-4721-B66B-750A9274D20F}" = protocol=17 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\vtdu.exe |
"{578713FA-218B-4815-8CF7-91779E0ADFB1}" = protocol=17 | dir=in | app=e:\hry\rebuilt.simcity-5-2013-offline-crack-cz\simcity 2013 offline\simcity\simcity.exe |
"{5A504ADC-8507-4B4F-AAED-7A2B2DD5EEA3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5A5B4C25-B575-46BA-A3DF-24A023A33B54}" = protocol=17 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\cms.exe |
"{5CE092ED-F3DA-4135-911B-F78312B6A61B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{63088A06-5CC1-4B18-969E-FD0450D68FF2}" = protocol=6 | dir=in | app=c:\games\simcity 2013 offline\simcity\simcity.exe |
"{676D8AB7-4857-4DD5-8E55-3B97D6682357}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6A3DC546-DE38-4487-8EC1-4C775AA2CCE2}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{6B40D12C-6796-442C-95C9-E7C86361BF45}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\pandoraservice.exe |
"{73792FAA-D513-4290-BA11-4784E9FDA7C7}" = protocol=6 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{760FB5A1-FE0A-4B06-A0E7-A662932D0626}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D75D8F6-5F76-4D2D-9789-99EBD844CAD8}" = protocol=17 | dir=in | app=c:\program files (x86)\wlite\wservice.exe |
"{7D79EBCE-7E1B-4D1E-87E1-D0ECB530C245}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{899FFC98-3981-485B-A4FD-538A37D3CF6B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgdiagex.exe |
"{8AB98483-E3E4-43F2-B36F-87F179BF843E}" = protocol=6 | dir=in | name=porty všechny |
"{9059A9B8-FA3C-4E1A-A544-77F16934F2D4}" = protocol=17 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\nru.exe |
"{942FDBDA-6306-4DF0-B8C4-217437BEB3DD}" = protocol=6 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\vtdu.exe |
"{9879D55B-957C-4DE4-90A1-0D3000886573}" = protocol=6 | dir=in | app=c:\users\1234\appdata\local\temp\dl.exe |
"{999C8B3F-26D8-4646-8381-6DE940D686C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AEA6258-B0BE-495F-A194-81A825525BBB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{9F63836C-43DA-4CE2-81F6-BC155430F1F1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{A16B2C0E-54FA-4968-BBDD-9CB4B10CED07}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A563789C-5A7E-4E8E-9EB6-08E589B213F9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2015\avgmfapx.exe |
"{A5C6C735-1738-417A-AAD4-1E74A1E99BED}" = protocol=17 | dir=in | app=d:\hdd 500 gb záloha\hry\rebuilt.simcity-5-2013-offline-crack-cz\simcity 2013 offline\simcity\simcity.exe |
"{A70FE3E5-9E56-4CEB-97BB-787FC0322C9B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgemca.exe |
"{A9748F41-7106-49DB-9A34-7738AFFACD99}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AB8971F3-3549-49BE-9CBB-70C43807AB56}" = protocol=6 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{AC3BAB3D-7E9C-466E-8AAA-60EA6DA4B840}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2015\avgnsa.exe |
"{AC628B4B-E676-46F8-853A-AF06E185F105}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B3D125AF-3778-4133-9388-8AACDD246A98}" = protocol=6 | dir=in | app=c:\program files (x86)\wlite\wservice.exe |
"{B6A86C2D-DACA-4C42-A9FF-A497FE2C9BF7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B7613086-61D7-4277-86DA-7C7F6BDA0552}" = protocol=17 | dir=in | app=c:\windows\system32\lxdncoms.exe |
"{B800F199-187A-408F-8339-245E3CFBA26C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{BDEBEF8E-707E-43C6-B148-80E0E11A5057}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CACDA5E8-ED58-4A9B-982D-C2BA31ACEE84}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{CE1D5095-D23E-4446-89FA-F67CB55FD675}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{D2DC04F6-062F-420E-A166-25FA5DC0A5C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D74212F0-9D6F-48E0-82EB-60C930D50D35}" = protocol=17 | dir=in | app=c:\users\1234\appdata\local\temp\rar$exa0.084\simcity 2013 offline\simcity\simcity.exe |
"{D8061ABF-0242-4336-98A3-9A68850758EA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{DB2CE9E8-EA5D-4C1F-AA7A-83971DDD6315}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DEC069F4-E7DD-4EED-888D-32E9225F5D17}" = protocol=6 | dir=in | name=porty všechny |
"{E2D7CC59-EAFD-4E3C-A036-98DA5F1A62CE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E2E1A4DB-8A8C-442C-8A0E-B43D4EDB3E29}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{E34E379E-E9FC-489D-9FF2-22F3FB3BB49F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E745FED3-902F-48F0-9DFE-287376E03AEF}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdnpswx.exe |
"{EAD6B899-713B-429C-8530-F9B16E145E19}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE7210B9-C798-47EE-B055-9AEBBC88D8CA}" = protocol=17 | dir=in | app=c:\program files (x86)\pandora.tv\panservice\panprocess.exe |
"{F71D507C-C779-4E98-9555-155716EB49E8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{FBF14FF9-B4E9-4917-A70A-C16D9CF50F7A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FDE0DAE6-BD4E-4808-AA64-D7A37483BF5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FDFC0E2A-225C-4C5D-8B84-8AB86C0AB942}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{00681492-E42F-442D-B749-3ED7DD2E5118}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe |
"TCP Query User{0158B2F8-8D5C-476A-AF3A-A1F8885E44B4}C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe |
"TCP Query User{06566527-692D-481E-8A00-29A64275B43D}C:\program files (x86)\easyse monitoring panel\superipcam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\easyse monitoring panel\superipcam.exe |
"TCP Query User{113DC926-FD7C-480C-BB15-DF0ECC1812B8}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{11FFC219-4623-4E09-A7E9-24FE358F9A58}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe |
"TCP Query User{20CAAE7F-7262-4C67-AA0A-D3AD63E24E3C}C:\program files (x86)\alexey v.voronin\ups_assistant\upsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\alexey v.voronin\ups_assistant\upsassistant.exe |
"TCP Query User{4DCB2670-C121-4D68-91B8-E39D0739B5DD}C:\program files (x86)\easyse monitoring panel\ipcamwizard.exe" = protocol=6 | dir=in | app=c:\program files (x86)\easyse monitoring panel\ipcamwizard.exe |
"TCP Query User{53136E95-BD0F-4959-9540-4C55604EA152}C:\program files (x86)\nvms5 standard edition\bin\monitor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\monitor.exe |
"TCP Query User{5C322A14-5CF8-46C2-AE6E-8EE764110785}C:\program files (x86)\video server e\video server e.exe" = protocol=6 | dir=in | app=c:\program files (x86)\video server e\video server e.exe |
"TCP Query User{61C9B4FE-B43D-4733-AEA5-83B7B7CFE1F9}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"TCP Query User{7220AF17-5C8A-46D3-AF95-E86CE8183D1B}C:\windows\syswow64\svchost.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\svchost.exe |
"TCP Query User{7FF293A5-158C-466F-97E4-3CE021020BC3}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe |
"TCP Query User{828EE411-209B-4139-AC3F-20528028A78F}C:\program files (x86)\controlcenter\controlcenter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\controlcenter\controlcenter.exe |
"TCP Query User{863D8D65-E31A-4E75-9250-AD7DB3BD72BC}C:\users\1234\appdata\local\temp\rar$exa0.002\dvr-viewer\dvrviewer.exe" = protocol=6 | dir=in | app=c:\users\1234\appdata\local\temp\rar$exa0.002\dvr-viewer\dvrviewer.exe |
"TCP Query User{89256CEF-56A8-4394-9A80-A6B1ECE27509}C:\users\1234\desktop\cube world + crack [cz]\server.exe" = protocol=6 | dir=in | app=c:\users\1234\desktop\cube world + crack [cz]\server.exe |
"TCP Query User{8D0DF360-F913-4D34-A775-FF21A10CD0D1}D:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\en-6204v\en-6204v\ebm 6204 česky\ip installer\ipinstallereng.exe" = protocol=6 | dir=in | app=d:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\en-6204v\en-6204v\ebm 6204 česky\ip installer\ipinstallereng.exe |
"TCP Query User{901DA9CE-52FC-4BE1-AAC2-4D013C3D2D21}C:\program files (x86)\easyse monitoring panel\superipcam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\easyse monitoring panel\superipcam.exe |
"TCP Query User{92A98083-207F-422B-A4EB-4423576DA8EE}D:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\ebm 6204 česky\ip installer\ipinstallereng.exe" = protocol=6 | dir=in | app=d:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\ebm 6204 česky\ip installer\ipinstallereng.exe |
"TCP Query User{97081A55-9942-4C04-B802-55EF596D072D}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe |
"TCP Query User{9EBCC9D7-4F0A-4081-B5CD-84371EA1D542}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{9F06133D-9DD5-4450-8D01-78F29CCA28B5}C:\web tool\imatrix\agent.exe" = protocol=6 | dir=in | app=c:\web tool\imatrix\agent.exe |
"TCP Query User{A16A719F-0499-47AB-83B5-001ED32C6A5F}E:\hry\simcity-5-(cracknuto+cz)\simcity-drmless-beta-1.6\start.exe" = protocol=6 | dir=in | app=e:\hry\simcity-5-(cracknuto+cz)\simcity-drmless-beta-1.6\start.exe |
"TCP Query User{A38A0DDB-84FD-4CDB-9D95-F276151AE0ED}C:\users\1234\desktop\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\users\1234\desktop\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{AE925F51-4A3C-48DD-8B16-7CAA1A1B5B90}C:\emulator\start.exe" = protocol=6 | dir=in | app=c:\emulator\start.exe |
"TCP Query User{B0187DCE-4DF6-4F0A-B035-09E2DE034A82}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{B96FAF53-9CEF-4E67-8EFA-5A1F3B22F4D1}C:\web tool\remotesetup\remotesetup.exe" = protocol=6 | dir=in | app=c:\web tool\remotesetup\remotesetup.exe |
"TCP Query User{BAE65F46-D046-486A-A12B-CEAE5C4BF969}C:\program files (x86)\controlcenter\iptool.exe" = protocol=6 | dir=in | app=c:\program files (x86)\controlcenter\iptool.exe |
"TCP Query User{BF59A198-9528-477D-B1DF-781C20843B01}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe |
"TCP Query User{C21C652A-37B0-47BB-AB07-4FE5A0EC5E57}C:\program files\ispy\ispy (64 bit)\ispy.exe" = protocol=6 | dir=in | app=c:\program files\ispy\ispy (64 bit)\ispy.exe |
"TCP Query User{CEDBFF27-5B62-4F36-A6FC-D49DC963B61A}C:\program files (x86)\farming simulator 2013 cz\x86\farmingsimulator2013game.exe" = protocol=6 | dir=in | app=c:\program files (x86)\farming simulator 2013 cz\x86\farmingsimulator2013game.exe |
"TCP Query User{D1B9792D-CC32-4EFB-94AC-F0423CDAE08C}C:\emulator\apache\httpd.exe" = protocol=6 | dir=in | app=c:\emulator\apache\httpd.exe |
"TCP Query User{E1BEE7CB-0022-4A0A-AA08-413BB5D86F99}C:\program files (x86)\videoviewer\videoviewer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videoviewer\videoviewer.exe |
"TCP Query User{EA61A81D-2FF5-45FB-975B-2E0E3A22EF2D}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe |
"TCP Query User{EE4DA9C6-97A3-4BF4-9CD6-79272476DDBB}C:\users\1234\desktop\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\users\1234\desktop\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{F21882C2-0C60-4434-A838-63D77A8A6C6A}C:\program files (x86)\dvr client\nddvrclientapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dvr client\nddvrclientapp.exe |
"TCP Query User{F23E9400-02BF-4F26-9165-1E0C1D94A773}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe |
"TCP Query User{F32CC709-13AE-427D-AC9C-6778658A2DDC}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FF21ABBC-FD04-4449-9D14-00FF9D66F557}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{0201820B-96E4-448D-888F-8046A76A6682}E:\hry\simcity-5-(cracknuto+cz)\simcity-drmless-beta-1.6\start.exe" = protocol=17 | dir=in | app=e:\hry\simcity-5-(cracknuto+cz)\simcity-drmless-beta-1.6\start.exe |
"UDP Query User{021FCF76-5826-4C63-A074-CF11D4E8940F}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{0548BF18-EC07-4611-8F00-B82EA85AE60C}C:\program files (x86)\easyse monitoring panel\superipcam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\easyse monitoring panel\superipcam.exe |
"UDP Query User{0A1707F7-41ED-43D9-B009-2073C3F68011}C:\program files\ispy\ispy (64 bit)\ispy.exe" = protocol=17 | dir=in | app=c:\program files\ispy\ispy (64 bit)\ispy.exe |
"UDP Query User{10DF5236-DE40-41D6-B9E9-1C149159B55D}C:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smart professional surveillance system\pc-nvr\challenge.exe |
"UDP Query User{13959FCC-671F-4A8C-83C8-D2CC4D206EF8}C:\web tool\imatrix\agent.exe" = protocol=17 | dir=in | app=c:\web tool\imatrix\agent.exe |
"UDP Query User{1949B47E-EEBC-41FB-8F40-E179AE9AF349}D:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\en-6204v\en-6204v\ebm 6204 česky\ip installer\ipinstallereng.exe" = protocol=17 | dir=in | app=d:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\en-6204v\en-6204v\ebm 6204 česky\ip installer\ipinstallereng.exe |
"UDP Query User{19B23E96-AA9C-4D94-921D-0CA883006211}C:\program files (x86)\video server e\video server e.exe" = protocol=17 | dir=in | app=c:\program files (x86)\video server e\video server e.exe |
"UDP Query User{203226B0-8F6D-4056-902F-7260D297E3DE}C:\program files (x86)\nvms5 standard edition\bin\monitor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nvms5 standard edition\bin\monitor.exe |
"UDP Query User{25668921-9DFA-4A3E-A050-88D9F53E22A0}C:\program files (x86)\easyse monitoring panel\ipcamwizard.exe" = protocol=17 | dir=in | app=c:\program files (x86)\easyse monitoring panel\ipcamwizard.exe |
"UDP Query User{273651EA-4440-473C-A85F-969D8860C273}C:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lenovoemc storage manager\lenovoemcstoragemanager.exe |
"UDP Query User{33E355CB-8289-43DA-B3C8-3A1BA11019E1}C:\program files (x86)\controlcenter\controlcenter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\controlcenter\controlcenter.exe |
"UDP Query User{37E90353-AC5B-4AE2-83CA-966ED8812074}C:\users\1234\desktop\cube world + crack [cz]\server.exe" = protocol=17 | dir=in | app=c:\users\1234\desktop\cube world + crack [cz]\server.exe |
"UDP Query User{48A8D4E2-6B27-4519-91E3-9B0B634B14AA}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe |
"UDP Query User{49A6E292-8D86-490A-B4B9-5CE0BBCAA667}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{4F900541-51C1-4AFF-89C2-E81CCE76E150}C:\emulator\apache\httpd.exe" = protocol=17 | dir=in | app=c:\emulator\apache\httpd.exe |
"UDP Query User{56E1BD44-54FC-470A-99F1-A4805AC1DBEF}C:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 15\x64\farmingsimulator2015game.exe |
"UDP Query User{58F8DABD-5107-43C8-83D1-BDA66678CC8A}C:\program files (x86)\videoviewer\videoviewer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videoviewer\videoviewer.exe |
"UDP Query User{63A5E0A2-654C-4F17-A648-3C8C6C1C73A9}C:\program files (x86)\easyse monitoring panel\superipcam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\easyse monitoring panel\superipcam.exe |
"UDP Query User{7C73D20F-D653-4B48-B3D4-ED2385A85212}C:\users\1234\appdata\local\temp\rar$exa0.002\dvr-viewer\dvrviewer.exe" = protocol=17 | dir=in | app=c:\users\1234\appdata\local\temp\rar$exa0.002\dvr-viewer\dvrviewer.exe |
"UDP Query User{839DE968-FE81-4265-BBD0-0420435C043D}C:\program files (x86)\controlcenter\iptool.exe" = protocol=17 | dir=in | app=c:\program files (x86)\controlcenter\iptool.exe |
"UDP Query User{91ED7A1E-C381-405A-BD21-3B817883EFDB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{97832A65-C96D-4440-B555-FFD1F3F084D9}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe |
"UDP Query User{AC1083D6-AAD3-4F2B-B48B-36B953C8C784}C:\users\1234\desktop\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\users\1234\desktop\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{AD1D3A28-7C1F-46FB-B649-9784A5D67B48}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\mainconsole.exe |
"UDP Query User{BAE39E5B-0F0C-4FC5-B283-570932EEE155}C:\web tool\remotesetup\remotesetup.exe" = protocol=17 | dir=in | app=c:\web tool\remotesetup\remotesetup.exe |
"UDP Query User{BFA8853D-07CC-401F-B609-CAB8CF610BC4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{C523BD2D-B813-452F-98C9-2226824870AA}C:\program files (x86)\dvr client\nddvrclientapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dvr client\nddvrclientapp.exe |
"UDP Query User{C5E3B8B7-19F8-4295-AB6E-FC5BE6A38F1D}D:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\ebm 6204 česky\ip installer\ipinstallereng.exe" = protocol=17 | dir=in | app=d:\hdd 500 gb záloha\renek\návody\kamery\ebm dvr\ebm 6204 česky\ip installer\ipinstallereng.exe |
"UDP Query User{C64A26ED-2768-4A77-A85B-A991C5960DFB}C:\emulator\start.exe" = protocol=17 | dir=in | app=c:\emulator\start.exe |
"UDP Query User{C807B264-D2A2-4E3A-A40F-8763B437932C}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"UDP Query User{C86AB3AE-8DAE-41DF-9C3E-8BF1A42E6744}C:\program files (x86)\farming simulator 2013 cz\x86\farmingsimulator2013game.exe" = protocol=17 | dir=in | app=c:\program files (x86)\farming simulator 2013 cz\x86\farmingsimulator2013game.exe |
"UDP Query User{CE1DD514-1EE4-4C44-B88A-38C7467EFECE}C:\windows\syswow64\svchost.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\svchost.exe |
"UDP Query User{D69BA0DF-6CF4-4789-B014-AF22D518D52C}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{E38BF363-0258-48DC-A69F-A2E69058E17D}C:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smart professional surveillance system\smartpss\smartpss.exe |
"UDP Query User{EA842D30-296B-4961-A1C4-0BDABB104DA0}C:\program files (x86)\alexey v.voronin\ups_assistant\upsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\alexey v.voronin\ups_assistant\upsassistant.exe |
"UDP Query User{EFE1BB1B-487C-43A2-AE81-DEBFAFB0FA80}C:\users\1234\desktop\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\users\1234\desktop\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{F8AA4F1C-D682-49EC-B6CA-860C3737BAC7}C:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nuuo\scb_mpeg4_hybrid\rmtdskserver.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{41357956-5B67-489C-9F7D-FABACC2CD3CB}" = AVG 2015
"{4812B582-C445-4335-A390-EC7878D27606}" = AVG 2015
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{6378ABCE-F816-4330-A7B1-FBEBCD50B746}" = ESET Smart Security
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.1.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 344.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.14.0702
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.32.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 16.13.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.25
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"9E24492CE9279512BD465F61DB8523641BB7BBFC" = Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (01/18/2013 2.08.28)
"AVG" = AVG 2015
"BurnInTest_is1" = BurnInTest v7.1 Standard
"C-Media PCI Audio Driver" = C-Media PCI Audio Device
"E61B77ECE57113AE1CA028BC7A8AD6C137BD13DD" = Windows Driver Package - FTDI CDM Driver Package - VCP Driver (01/18/2013 2.08.28)
"EB80D11E8D7946E220412AE1F2F19A1C5CD5FF7D" = Windows Driver Package - Telechips Inc (vtcdrv) USB (05/07/2010 5.0.0.1)
"Lexmark Universal v2" = Lexmark Universal v2 Odinstalovat
"MediaInfo" = MediaInfo 0.7.64
"PotPlayer64" = Potplayer-64 Bits
"Recuva" = Recuva
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}" = Windows Live UX Platform
"{07AAB66E-4718-422D-9218-4AFB3C922A71}" = Photo Gallery
"{1179FF61-2CD5-7E3E-CD35-CF105B5B3C8D}_is1" = HDD Regenerator 1.71+Keygen [h33t][MurtajiZ] version for Windows
"{15BFD731-A10E-43E9-9D18-0F682BC0480F}" = Photo Common
"{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}" = Windows Live Photo Common
"{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}" = HDD Regenerator
"{3D2CF65C-B544-4308-B996-700D3E5F6C4C}" = Movie Maker
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{41C61308-6CFD-4D54-AB6A-7136ED08A18E}" = Windows Live Communications Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1" = Kobra 11 Nitro
"{659CB81C-B54E-4DF1-B618-F35777393A54}" = Windows Live Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7BD6DBC6-5883-47EA-95F6-96B888E11189}_is1" = VideoPlayer 1.1.9 .3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}" = Windows Live Essentials
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Czech
"{B0816C25-1B71-4276-A1AB-72116652906C}" = Codec Install
"{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}" = Windows Live PIMT Platform
"{B435433C-110A-4853-843A-7BD1EE59624E}_is1" = PlayerLiteHJ 1.0.2.5.LHJ
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}" = Windows Live SOXE
"{D1893000-EA77-493C-8DDD-E262436E959B}" = Windows Live SOXE Definitions
"{D2C6E826-C996-4740-960D-B388EF7C5D6F}" = NUUO MPEG-4 Hybrid System
"{DCF2B77E-8CCC-4522-BBA7-9ED8C4F1AAA6}" = NUUO Device Pack for MPEG-4
"{DD67BE4B-7E62-4215-AFA3-F123A800A389}" = Movie Maker
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}" = Windows Live UX Platform Language Pack
"{E5297CC6-DD4E-40F3-BD0A-FB1D085F6751}}_is1" = Maurus Gaming Mouse
"{F011CDD5-87D2-4873-8EE3-FA95B1FEAED9}" = NVMS5 Standard Edition
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F37D360D-9308-4BB1-8515-DC6B637B9486}" = Fotogalerie
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Farming Simulator 15_is1" = Farming Simulator 15
"FileZilla Server" = FileZilla Server
"FormatFactory" = FormatFactory 3.2.1.0
"Glary Utilities 5" = Glary Utilities 5.14
"HD Tune Pro_is1" = HD Tune Pro 3.50
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"Marvell Miniport Driver" = Marvell Miniport Driver
"MPE" = MyPhoneExplorer
"NUUODriver" = NUUODriver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 26.0.1656.32" = Opera Stable 26.0.1656.32
"SmartPSS" = SmartPSS 1.10.1
"TeamViewer 9" = TeamViewer 9
"Video Server E" = Video Server E
"VLC media player" = VLC media player 2.1.3
"Windows 7 - Codec Pack" = Windows 7 Codec Pack 2.3.0
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.0.2
"WinRAR archiver" = WinRAR
"ZonerPhotoStudio12_CZ_is1" = Zoner Photo Studio 12

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.12.2014 4:55:54 | Computer Name = 1234-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.17116, časové
razítko: 0x541ccf72 Název chybujícího modulu: IPCam902.ocx, verze: 0.0.0.36, časové
razítko: 0x4bd4fbf6 Kód výjimky: 0xc0000005 Posun chyby: 0x00008f9f ID chybujícího
procesu: 0x14f8 Čas spuštění chybující aplikace: 0x01d015e967b8864b Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\SysWow64\IPCam902.ocx ID zprávy: ad83cca4-81dc-11e4-bfa6-00235444536a

Error - 12.12.2014 4:55:56 | Computer Name = 1234-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.17116, časové
razítko: 0x541ccf72 Název chybujícího modulu: IPCam902.ocx, verze: 0.0.0.36, časové
razítko: 0x4bd4fbf6 Kód výjimky: 0xc0000005 Posun chyby: 0x00008f9f ID chybujícího
procesu: 0x1554 Čas spuštění chybující aplikace: 0x01d015e9710aad8b Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\SysWow64\IPCam902.ocx ID zprávy: af20e0e0-81dc-11e4-bfa6-00235444536a

Error - 12.12.2014 4:58:10 | Computer Name = 1234-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.17116, časové
razítko: 0x541ccf72 Název chybujícího modulu: IPCam902.ocx, verze: 0.0.0.36, časové
razítko: 0x4bd4fbf6 Kód výjimky: 0xc0000005 Posun chyby: 0x00008f9f ID chybujícího
procesu: 0x4e0 Čas spuštění chybující aplikace: 0x01d015e9c101aab9 Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\SysWow64\IPCam902.ocx ID zprávy: ff0edd3d-81dc-11e4-bfa6-00235444536a

Error - 12.12.2014 4:58:26 | Computer Name = 1234-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: IEXPLORE.EXE, verze: 10.0.9200.17116, časové
razítko: 0x541ccf72 Název chybujícího modulu: IPCam902.ocx, verze: 0.0.0.36, časové
razítko: 0x4bd4fbf6 Kód výjimky: 0xc0000005 Posun chyby: 0x00008f9f ID chybujícího
procesu: 0xde0 Čas spuštění chybující aplikace: 0x01d015e9ca038ded Cesta k chybující
aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Cesta k chybujícímu
modulu: C:\Windows\SysWow64\IPCam902.ocx ID zprávy: 0823ac77-81dd-11e4-bfa6-00235444536a

Error - 12.12.2014 9:54:45 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program IEXPLORE.EXE verze 10.0.9200.17116 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1008 Čas spuštění: 01d0160ecd6aa6a6 Čas ukončení: 80 Cesta k aplikaci: C:\Program
Files (x86)\Internet Explorer\IEXPLORE.EXE ID hlášení:

Error - 12.12.2014 16:34:53 | Computer Name = 1234-PC | Source = System Restore | ID = 8210
Description =

Error - 12.12.2014 17:14:33 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program notepad.exe verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1908 Čas spuštění: 01d016506cb68883 Čas ukončení: 1 Cesta k aplikaci: C:\Windows\notepad.exe

ID
hlášení:

Error - 13.12.2014 15:25:04 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program PotPlayerMini64.exe verze 0.0.0.0 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 2864 Čas spuštění: 01d0170a3184dae3 Čas ukončení: 216 Cesta k aplikaci: C:\Program
Files\DAUM\PotPlayer\PotPlayerMini64.exe ID hlášení: 96c96247-82fd-11e4-a0d1-002354445e29

Error - 14.12.2014 6:40:08 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
149c Čas spuštění: 01d01789611f6e8e Čas ukončení: 3 Cesta k aplikaci: C:\Users\1234\Desktop\RSITx64.exe

ID
hlášení:

Error - 14.12.2014 7:36:13 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program AdwCleaner.exe verze 4.1.0.5 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
d2c Čas spuštění: 01d01790dbbdf03a Čas ukončení: 4 Cesta k aplikaci: C:\Users\1234\Desktop\AdwCleaner.exe

ID
hlášení: 5e3eeb34-8385-11e4-b21d-002354445e29

Error - 14.12.2014 8:06:17 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program mshta.exe verze 10.0.9200.16521 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1490 Čas spuštění: 01d017926d179ee0 Čas ukončení: 0 Cesta k aplikaci: C:\Windows\SysWOW64\mshta.exe

ID
hlášení:

Error - 14.12.2014 12:25:26 | Computer Name = 1234-PC | Source = Application Hang | ID = 1002
Description = Program iexplore.exe verze 10.0.9200.17183 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1750 Čas spuštění: 01d017b72e347a39 Čas ukončení: 0 Cesta k aplikaci: C:\Program
Files\Internet Explorer\iexplore.exe ID hlášení:

[ System Events ]
Error - 14.12.2014 8:10:31 | Computer Name = 1234-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 14.12.2014 8:10:31 | Computer Name = 1234-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 14.12.2014 8:10:51 | Computer Name = 1234-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 14.12.2014 8:10:51 | Computer Name = 1234-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error - 14.12.2014 11:11:05 | Computer Name = 1234-PC | Source = VDS Basic Provider | ID = 33554433
Description =

Error - 14.12.2014 11:45:07 | Computer Name = 1234-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 14.12.2014 11:45:07 | Computer Name = 1234-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 14.12.2014 11:45:08 | Computer Name = 1234-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 14.12.2014 11:45:09 | Computer Name = 1234-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 14.12.2014 11:45:09 | Computer Name = 1234-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

< End of report >

Je mi lito, ale nase forum se nelegalnimi systemy nezabyva - z logu je zcela jasny a patrny crack na windows - ono taky malokdo si koupi nejvyssi licenci (v radu nekolik tisic) na domaci pouzivani ze

Ok, děkuji za Váš čas, bohužel jsem to tak koupil, přeji hezký den.

Pak se obratte na prodejce...

Pekny zbytek vecera

VIRY.CZ

One-Time Password nelze se přihlásit na Email od seznam.cz

One-Time Password nelze se přihlásit na Email od seznam.cz

Re: One-Time Password nelze se přihlásit na Email od seznam.

Re: One-Time Password nelze se přihlásit na Email od seznam.

Re: One-Time Password nelze se přihlásit na Email od seznam.

Re: One-Time Password nelze se přihlásit na Email od seznam.

Re: One-Time Password nelze se přihlásit na Email od seznam.

Re: One-Time Password nelze se přihlásit na Email od seznam.

Re: One-Time Password nelze se přihlásit na Email od seznam.