Nepřístojně pomalý internet

Zpráva

WarpfireW · #1 Příspěvek od **WarpfireW** » 08 pro 2015 11:38

Zdravím, chtěl bych se na vás obrátit s problémem, který mě velice trápí. Jde o to, že poslední asi 2 týdny se mi neuvěřitelně zpomalil internet, prvně občas vypadával a sem tam kolísala rychlost, po pár dnech už spadla rychlost na 10Mbsa následně je od 10kBs až do 1Mbs. Rychlost routeru je 50Mbs a připojení mám k dispozici ze zásuvkového adaptéru i sem zkoušel WIFI. Vir je jedna z možností, jelikož další počítač se zásuvkovým adaptérem jede vpořádku, v síťařině se nevyznám ale možná se i něco ruší nebo je problém v oblasti nastavení routeru proto přidávám log aby byla jistota zda to je či není vir.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2015-12-08 11:20:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 2 GB (3%) free of 76 GB
Total RAM: 3071 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:05, on 8.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 65.112.87.186 master.gamespy.com
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [BloodyToneMaker] "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
O23 - Service: Ralink Registry Writer 64 (RalinkRegistryWriter64) - Ralink Technology, Corp. - C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
O23 - Service: Ralink UPnP Media Server (RaMediaServer) - Ralink - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11173 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\Edimax\Common\RaRegistry.exe"
"C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\Sysnative\perfmon.exe" /res
C:\Windows\system32\WLANExt.exe 47246192
\??\C:\Windows\system32\conhost.exe "765727948134489895741068432021179962101008007871-8861330191713645229-29600460
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Tomáš\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\update-S-1-5-21-4057503627-1852955601-1194495846-1000.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\Windows\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-22 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-28 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-30 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-28 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-30 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-24 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-07-20 14021336]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-24 2634896]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-07-24 1710568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BloodyToneMaker"=C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [2014-01-15 7887872]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
"Autodesk Sync"=C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28 1067736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8]
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2015-01-20 2428704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-10-14 48145024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2015-11-10 3011152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk]
C:\PROGRA~2\Ralink\Common\RaUI.exe [2013-09-23 15661872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk]
C:\PROGRA~2\Edimax\Common\RaUI.exe [2009-11-04 1617920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-06 6111312]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2014-11-18 226560]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave8"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"midi9"=wdmaud.drv
"wave7"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2015-12-07 15:56:02 ----D---- C:\Program Files\trend micro
2015-12-07 15:56:01 ----D---- C:\rsit
2015-12-03 15:01:06 ----D---- C:\Program Files\Common Files\AV
2015-12-02 16:10:59 ----RHD---- C:\Users\Tomáš\AppData\Roaming\SecuROM
2015-11-22 20:42:18 ----D---- C:\Data

======List of files/folders modified in the last 1 month======

2015-12-08 11:20:05 ----D---- C:\Windows\Prefetch
2015-12-08 11:20:04 ----D---- C:\Windows\Temp
2015-12-08 07:10:18 ----D---- C:\Windows\system32\config
2015-12-08 06:58:31 ----D---- C:\Windows\SoftwareDistribution
2015-12-07 23:01:43 ----D---- C:\Windows\system32\NDF
2015-12-07 22:33:56 ----D---- C:\Users\Tomáš\AppData\Roaming\Skype
2015-12-07 21:58:23 ----D---- C:\Users\Tomáš\AppData\Roaming\OBS
2015-12-07 15:56:02 ----RD---- C:\Program Files
2015-12-07 15:30:33 ----D---- C:\Program Files (x86)\Steam
2015-12-07 14:02:23 ----D---- C:\Windows\inf
2015-12-07 07:48:46 ----D---- C:\Windows\system32\catroot2
2015-12-07 07:47:13 ----D---- C:\Windows
2015-12-07 07:47:11 ----D---- C:\Windows\debug
2015-12-07 05:52:09 ----D---- C:\Program Files (x86)\Opera
2015-12-06 18:32:00 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-06 18:31:55 ----D---- C:\Windows\system32\drivers
2015-12-06 11:38:14 ----D---- C:\ProgramData\ProductData
2015-12-04 15:24:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-03 15:01:06 ----D---- C:\Windows\system32\Tasks
2015-12-03 15:01:06 ----D---- C:\Program Files\Common Files
2015-12-03 15:01:06 ----D---- C:\Program Files (x86)\Common Files
2015-12-02 19:48:12 ----D---- C:\Users\Tomáš\AppData\Roaming\vlc
2015-12-02 16:10:01 ----SHD---- C:\Windows\Installer
2015-12-02 16:10:01 ----SHD---- C:\Config.Msi
2015-12-02 16:05:08 ----RD---- C:\Program Files (x86)
2015-12-02 16:05:01 ----D---- C:\Windows\Tasks
2015-12-02 15:56:17 ----SHD---- C:\System Volume Information
2015-12-02 15:55:05 ----D---- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Pro
2015-11-23 10:54:54 ----D---- C:\WarThunder
2015-11-17 19:13:40 ----D---- C:\Windows\Migration
2015-11-15 16:04:54 ----D---- C:\Windows\Minidump
2015-11-15 16:04:54 ----D---- C:\Windows\Logs
2015-11-15 13:37:18 ----D---- C:\Windows\System32
2015-11-15 13:37:18 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-14 18:10:40 ----D---- C:\ProgramData\Skype
2015-11-13 22:20:39 ----D---- C:\Users\Tomáš\AppData\Roaming\SpaceEngineers
2015-11-12 18:21:17 ----D---- C:\Users\Tomáš\AppData\Roaming\.minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-30 274808]
R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2015-03-22 183144]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-03-28 283200]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-03-22 26528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-30 150672]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 146432]
R3 CMUAC;Headset6400x1 Device Driver; C:\Windows\system32\DRIVERS\Headset6400x1.SYS [2013-10-03 386560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-20 4496600]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-11-21 2172616]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-07-20 204648]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-05-17 977624]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-07-20 33448]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 cpuz137;cpuz137; \??\C:\Users\TOM~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-12-07 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-30 146600]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RalinkRegistryWriter;Ralink Registry Writer; C:\Program Files (x86)\Edimax\Common\RaRegistry.exe [2009-10-06 185632]
R2 RalinkRegistryWriter64;Ralink Registry Writer 64; C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe [2009-10-06 212256]
S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
S2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-12-13 12288]
S2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-08 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-24 1155216]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-31 2909472]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-24 1871504]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-24 5544592]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
S2 RaMediaServer;Ralink UPnP Media Server; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [2012-07-06 1863680]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-08-04 1471352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-22 107848]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-03-22 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-25 1255736]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-08 139696]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 08 pro 2015 17:38

Zdravím!
Jak je na tom váš oper. systém s legalitou?

WarpfireW · #3 Příspěvek od **WarpfireW** » 08 pro 2015 18:25

Tak to netuším, počítač je složený od známého a používám ho posledních pár měsíců. Zas tolik se v tom nevyznám a jelikož se systémem problém nikdy nebyl tak mi nepřišlo že by mohl být nelegální, aktualizace i win 10 to nabízí normálně.

#4 Příspěvek od **Rudy** » 08 pro 2015 19:05

Udělejte nasledující sken:

OTL:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

WarpfireW · #5 Příspěvek od **WarpfireW** » 08 pro 2015 20:47

OTL logfile created on: 8.12.2015 19:14:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomáš\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 35,29% Memory free
6,00 Gb Paging File | 2,69 Gb Available in Paging File | 44,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 1,86 Gb Free Space | 2,50% Space Free | Partition Type: NTFS
Drive D: | 99,94 Mb Total Space | 84,06 Mb Free Space | 84,12% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 7,64 Gb Free Space | 1,64% Space Free | Partition Type: NTFS
Drive G: | 3,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 152,57 Gb Free Space | 32,76% Space Free | Partition Type: NTFS

Computer Name: TOMÁŠ-PC | User Name: Tomáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.12.08 19:12:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tomáš\Downloads\OTL.exe
PRC - [2015.12.02 16:04:30 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
PRC - [2015.11.24 09:00:56 | 000,741,704 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.11.06 20:11:44 | 006,111,312 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.10.28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.10.12 08:28:44 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2015.10.12 08:28:42 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2015.10.05 09:48:34 | 009,832,760 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2015.10.01 15:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015.07.30 20:40:20 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015.07.24 05:22:16 | 002,634,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.07.24 05:22:13 | 001,871,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015.03.22 19:29:23 | 000,187,168 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2015.01.23 14:32:58 | 001,749,792 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
PRC - [2014.11.04 13:19:48 | 000,815,392 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
PRC - [2014.01.15 10:01:58 | 007,887,872 | ---- | M] () -- C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
PRC - [2012.12.13 16:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2012.10.23 09:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
PRC - [2009.10.06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe

========== Modules (No Company Name) ==========

MOD - [2015.11.24 09:00:53 | 001,583,432 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
MOD - [2015.11.24 09:00:52 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll
MOD - [2015.07.30 20:40:26 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.07.30 20:40:21 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.07.24 05:22:16 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015.03.22 20:33:17 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014.01.15 10:01:58 | 007,887,872 | ---- | M] () -- C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
MOD - [2013.11.11 17:01:38 | 004,259,840 | ---- | M] () -- C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
MOD - [2013.01.15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madexcept_.bpl
MOD - [2013.01.15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\madexcept_.bpl
MOD - [2013.01.15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2013.01.15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\maddisAsm_.bpl
MOD - [2013.01.15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2013.01.15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\madbasic_.bpl
MOD - [2010.01.30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.07.14 02:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2015.08.04 17:11:01 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV:64bit: - [2015.07.30 20:40:20 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015.07.24 05:22:13 | 001,155,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.07.24 05:22:11 | 005,544,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2015.07.16 21:21:50 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.25 19:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.11.10 03:44:38 | 000,836,176 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015.10.28 18:49:06 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.10.12 08:28:44 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2015.10.12 08:28:42 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2015.10.05 09:48:46 | 001,135,416 | ---- | M] (Malwarebytes) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015.07.31 08:10:52 | 002,909,472 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2015.07.24 05:22:13 | 001,871,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015.07.09 12:14:04 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.11.04 13:19:48 | 000,815,392 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2012.12.13 16:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2012.07.08 23:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.07.06 18:20:54 | 001,863,680 | ---- | M] (Ralink) [Auto | Stopped] -- C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe -- (RaMediaServer)
SRV - [2009.10.06 11:57:44 | 000,212,256 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe -- (RalinkRegistryWriter64)
SRV - [2009.10.06 11:57:44 | 000,185,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files (x86)\Edimax\Common\RaRegistry.exe -- (RalinkRegistryWriter)

========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2015.12.08 19:08:39 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2015.11.06 20:11:47 | 000,449,992 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2015.11.06 20:11:46 | 001,059,656 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015.10.05 09:50:18 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015.10.05 09:50:06 | 000,025,816 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015.07.30 20:40:36 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.07.30 20:40:36 | 000,150,672 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.07.30 20:40:36 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.07.30 20:40:35 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.07.30 20:40:35 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015.07.30 20:40:34 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.07.24 05:22:11 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015.07.20 14:56:48 | 000,033,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2015.07.20 14:55:18 | 000,204,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015.07.03 05:28:26 | 000,047,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015.06.11 18:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.05.17 15:14:28 | 000,977,624 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2015.03.28 14:02:01 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2015.03.22 19:43:06 | 000,183,144 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
DRV:64bit: - [2013.11.21 22:06:26 | 002,172,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2013.10.03 09:06:32 | 000,386,560 | ---- | M] (A4Tech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Headset6400x1.SYS -- (CMUAC)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:49:51 | 000,146,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rmcast.sys -- (RMCAST)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015.03.22 19:27:36 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: H:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.07.30 20:40:11 | 000,000,000 | ---D | M]

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_1\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015.07.17 09:22:41 | 000,000,859 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 65.112.87.186 master.gamespy.com
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKU\.DEFAULT..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000..\Run: [BloodyToneMaker] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe ()
O4 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [BloodyToneMaker] C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe ()
O4 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O7 - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82C4F192-1C12-4808-B024-A5CB101800EF}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D14EE37E-6997-4802-B85C-6BF42136015B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.10.23 19:33:15 | 000,000,066 | R--- | M] () - G:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2015.08.04 17:17:09 | 000,000,000 | ---D | M] - H:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{4a9e7967-d548-11e4-b878-002185338b58}\Shell - "" = AutoRun
O33 - MountPoints2\{4a9e7967-d548-11e4-b878-002185338b58}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2007.11.01 22:24:27 | 000,062,976 | R--- | M] (Aspyr Media, Inc.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.autorun\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.mjpg - pvmjpg30.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.12.07 15:56:02 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.12.07 15:56:01 | 000,000,000 | ---D | C] -- C:\rsit
[2015.12.03 15:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2015.12.03 15:01:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV
[2015.12.02 16:12:18 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\Documents\Aspyr
[2015.12.02 16:12:18 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Aspyr
[2015.12.02 16:10:59 | 000,000,000 | RH-D | C] -- C:\Users\Tomáš\AppData\Roaming\SecuROM
[2015.11.22 21:10:21 | 000,000,000 | ---D | C] -- C:\Users\Tomáš\AppData\Local\Blizzard
[2015.11.22 21:04:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
[2015.11.22 20:42:18 | 000,000,000 | ---D | C] -- C:\Data

========== Files - Modified Within 30 Days ==========

[2015.12.08 19:23:05 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4057503627-1852955601-1194495846-1000.job
[2015.12.08 19:18:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.12.08 19:10:01 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.12.08 19:08:39 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.12.08 17:16:47 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.12.08 17:16:47 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.12.08 16:34:52 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.12.08 16:34:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.12.08 16:34:24 | 2415,366,144 | -HS- | M] () -- C:\hiberfil.sys
[2015.12.08 15:44:00 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2015.12.07 15:30:15 | 001,439,908 | ---- | M] () -- C:\Users\Tomáš\Desktop\Screenshot_14.png
[2015.12.07 15:22:05 | 000,007,604 | ---- | M] () -- C:\Users\Tomáš\AppData\Local\Resmon.ResmonCfg
[2015.12.07 06:22:46 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
[2015.12.06 18:32:00 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015.12.05 11:30:57 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.11.29 16:21:22 | 000,058,988 | ---- | M] () -- C:\Users\Tomáš\Documents\POLIT.VÝVOJ ZA PŘEMYSLOVSKÝCH KRÁLŮ.pdf
[2015.11.29 16:21:20 | 000,065,118 | ---- | M] () -- C:\Users\Tomáš\Documents\18,19-lUCEMBURKOVÉ.pdf
[2015.11.24 19:13:11 | 000,044,097 | ---- | M] () -- C:\Users\Tomáš\Documents\HOSPODÁŘSTVÍ-STŘEDOVĚK.pdf
[2015.11.24 19:12:39 | 000,021,773 | ---- | M] () -- C:\Users\Tomáš\Documents\index.htm
[2015.11.22 21:04:02 | 000,000,678 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2015.11.18 22:12:40 | 000,044,842 | ---- | M] () -- C:\Users\Tomáš\Documents\14-KULTURA ROMÁNSKÁ.pdf
[2015.11.15 17:56:39 | 005,919,911 | ---- | M] () -- C:\Users\Tomáš\Documents\DSCN8264.JPG
[2015.11.15 13:37:18 | 001,584,554 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.11.15 13:37:18 | 000,668,866 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.11.15 13:37:18 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.11.15 13:37:18 | 000,141,526 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.11.15 13:37:18 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.11.13 17:49:13 | 000,026,443 | ---- | M] () -- C:\Users\Tomáš\Desktop\Screenshot_15.png

========== Files Created - No Company Name ==========

[2015.12.08 19:18:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.12.07 15:30:14 | 001,439,908 | ---- | C] () -- C:\Users\Tomáš\Desktop\Screenshot_14.png
[2015.11.29 16:21:22 | 000,058,988 | ---- | C] () -- C:\Users\Tomáš\Documents\POLIT.VÝVOJ ZA PŘEMYSLOVSKÝCH KRÁLŮ.pdf
[2015.11.29 16:21:17 | 000,065,118 | ---- | C] () -- C:\Users\Tomáš\Documents\18,19-lUCEMBURKOVÉ.pdf
[2015.11.24 19:13:10 | 000,044,097 | ---- | C] () -- C:\Users\Tomáš\Documents\HOSPODÁŘSTVÍ-STŘEDOVĚK.pdf
[2015.11.24 19:12:34 | 000,021,773 | ---- | C] () -- C:\Users\Tomáš\Documents\index.htm
[2015.11.22 21:04:02 | 000,000,678 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2015.11.18 22:11:39 | 000,044,842 | ---- | C] () -- C:\Users\Tomáš\Documents\14-KULTURA ROMÁNSKÁ.pdf
[2015.11.15 17:52:03 | 005,919,911 | ---- | C] () -- C:\Users\Tomáš\Documents\DSCN8264.JPG
[2015.11.13 17:49:13 | 000,026,443 | ---- | C] () -- C:\Users\Tomáš\Desktop\Screenshot_15.png
[2015.09.22 08:18:07 | 000,000,858 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\recently-used.xbel
[2015.07.20 14:50:10 | 037,748,880 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015.06.16 17:53:16 | 000,000,000 | -HS- | C] () -- C:\Users\Tomáš\AppData\Local\LumaEmu
[2015.06.14 14:58:58 | 000,077,639 | ---- | C] () -- C:\Users\Tomáš\drawingfds.png
[2015.06.12 16:52:54 | 000,647,912 | ---- | C] () -- C:\Users\Tomáš\drawingfds.svg
[2015.04.28 13:41:16 | 000,004,608 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2015.04.02 12:35:53 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2015.04.01 20:39:48 | 001,559,268 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.03.25 23:28:31 | 000,007,604 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\Resmon.ResmonCfg
[2015.03.22 22:40:22 | 000,000,424 | ---- | C] () -- C:\Users\Tomáš\AppData\Local\UserProducts.xml
[2015.03.22 19:50:43 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015.03.22 19:13:48 | 000,013,973 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2015.03.22 19:13:36 | 000,792,416 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll
[2015.03.22 19:13:36 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini
[2015.03.22 18:04:18 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.07.10 18:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.10 18:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.11.12 18:21:17 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\.minecraft
[2015.04.04 13:24:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\.mono
[2015.08.26 11:43:19 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Audacity
[2015.08.04 17:57:20 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Autodesk
[2015.03.22 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\AVAST Software
[2015.04.14 20:33:13 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Battle.net
[2015.12.07 06:21:04 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\BitTorrent
[2015.04.12 16:07:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\CadSoft
[2015.04.04 13:24:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Colossal Order
[2015.12.07 06:21:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Pro
[2015.03.28 14:06:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\FiraxisLive
[2015.05.16 15:28:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\FlowStone
[2015.04.28 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ftblauncher
[2015.03.23 16:11:10 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\HeroesAndGeneralsDesktop
[2015.06.12 16:14:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\inkscape
[2015.03.22 19:29:28 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IObit
[2015.04.23 20:04:52 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IsolatedStorage
[2015.04.21 21:05:04 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\java
[2015.06.03 19:53:48 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\LolClient
[2015.12.07 21:58:23 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\OBS
[2015.04.14 19:24:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\OpenOffice
[2015.03.27 20:07:26 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Opera Software
[2015.04.07 12:50:57 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ProductData
[2015.06.03 16:37:37 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Riot Games
[2015.07.23 11:53:31 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz
[2015.04.23 20:03:48 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Solvusoft
[2015.05.16 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\SongManager
[2015.11.13 22:20:39 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\SpaceEngineers
[2015.04.04 13:24:44 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Steam
[2015.05.24 16:38:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Sublime Text 2
[2015.04.04 23:38:22 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\The Creative Assembly
[2015.06.20 16:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Zoner

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,580 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2015.03.22 20:29:56 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.03.22 20:29:57 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.03.22 22:40:15 | 000,000,388 | ---- | C] () -- C:\Windows\Tasks\update-sys.job
[2015.03.22 22:40:21 | 000,000,388 | ---- | C] () -- C:\Windows\Tasks\update-S-1-5-21-4057503627-1852955601-1194495846-1000.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2009.07.14 02:38:56 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=8B7F8E882A649D81CEA1EDE9BBB68FFF -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_3de8def0db722996\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2015.04.05 19:55:48 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2015.04.05 19:55:48 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2015.04.05 19:55:48 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2015.04.05 19:55:48 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 02:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 05:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 04:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 14:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
[2015.04.05 19:55:48 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2015.04.05 19:55:48 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[2015.10.05 09:48:32 | 000,893,752 | ---- | M] (MalwareBytes) MD5=E9A75E4B409A01E52055CE7CCA7FF925 -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe

< >

< %systemroot%*.* /U /s >
[6 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[15 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\0bd074ee9c598b8144c9a707e7fd080f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\0bd074ee9c598b8144c9a707e7fd080f\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\7cf3b4577e996df8ee2ffe797c4d2d7e\*.tmp files -> C:\Windows\SoftwareDistribution\Download\7cf3b4577e996df8ee2ffe797c4d2d7e\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f016e18cb3a4e3b4ee1147e3f26c0095\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f016e18cb3a4e3b4ee1147e3f26c0095\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\f899f14e3e1c0d9863fca923b7a68395\*.tmp files -> C:\Windows\SoftwareDistribution\Download\f899f14e3e1c0d9863fca923b7a68395\*.tmp -> ]
[1 C:\Windows\System32\catroot\*.tmp files -> C:\Windows\System32\catroot\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.11.12 18:21:17 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\.minecraft
[2015.04.04 13:24:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\.mono
[2015.04.07 19:45:24 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Adobe
[2015.03.22 19:29:22 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Apple Computer
[2015.08.26 11:43:19 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Audacity
[2015.08.04 17:57:20 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Autodesk
[2015.03.22 20:40:06 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\AVAST Software
[2015.04.14 20:33:13 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Battle.net
[2015.12.07 06:21:04 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\BitTorrent
[2015.04.12 16:07:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\CadSoft
[2015.04.04 13:24:46 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Colossal Order
[2015.12.07 06:21:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Pro
[2015.03.28 14:06:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\FiraxisLive
[2015.05.16 15:28:05 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\FlowStone
[2015.04.28 14:20:15 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ftblauncher
[2015.03.23 16:48:38 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Google
[2015.03.23 16:11:10 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\HeroesAndGeneralsDesktop
[2015.03.21 13:32:21 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Identities
[2015.06.12 16:14:01 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\inkscape
[2015.03.21 16:38:42 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\InstallShield
[2015.03.22 19:29:28 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IObit
[2015.04.23 20:04:52 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\IsolatedStorage
[2015.04.21 21:05:04 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\java
[2015.06.03 19:53:48 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\LolClient
[2015.03.22 22:46:42 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Macromedia
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Media Center Programs
[2015.10.06 18:42:39 | 000,000,000 | --SD | M] -- C:\Users\Tomáš\AppData\Roaming\Microsoft
[2015.05.25 16:30:41 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\NVIDIA
[2015.12.07 21:58:23 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\OBS
[2015.04.14 19:24:49 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\OpenOffice
[2015.03.27 20:07:26 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Opera Software
[2015.04.07 12:50:57 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ProductData
[2015.06.03 16:37:37 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Riot Games
[2015.12.02 16:10:59 | 000,000,000 | RH-D | M] -- C:\Users\Tomáš\AppData\Roaming\SecuROM
[2015.07.23 11:53:31 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz
[2015.12.08 19:52:43 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Skype
[2015.04.23 20:03:48 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Solvusoft
[2015.05.16 15:38:27 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\SongManager
[2015.11.13 22:20:39 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\SpaceEngineers
[2015.04.04 13:24:44 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Steam
[2015.05.24 16:38:14 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Sublime Text 2
[2015.04.04 23:38:22 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\The Creative Assembly
[2015.12.02 19:48:12 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\vlc
[2015.03.28 13:34:06 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\WinRAR
[2015.06.20 16:49:42 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >
[2015.08.04 17:15:48 | 000,026,622 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{644E9589-F73A-49A4-AC61-A953B9DE5669}\ARPPRODUCTICON.EXE
[2015.08.04 17:17:43 | 000,026,622 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{C070121A-C8C5-4D52-9A7D-D240631BD433}\ARPPRODUCTICON.EXE
[2015.08.04 17:17:47 | 000,026,622 | R--- | M] () -- C:\Users\Tomáš\AppData\Roaming\Microsoft\Installer\{F732FEDA-7713-4428-934B-EF83B8DD65D0}\ARPPRODUCTICON.EXE
[2015.07.29 13:11:35 | 000,257,872 | ---- | M] (obsproject.com) -- C:\Users\Tomáš\AppData\Roaming\OBS\updates\updater.exe
[2013.05.16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\sznsetup.exe
[2015.05.26 12:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 12:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 12:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011.12.19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013.04.16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\Tomáš\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
[2015.05.24 16:52:27 | 000,395,776 | ---- | M] (Simon Tatham) -- C:\Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\psftp.exe
[2015.05.24 16:52:27 | 000,184,390 | ---- | M] (http://subversion.apache.org/) -- C:\Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\SFTP\bin\svn.exe
[2015.03.20 20:30:00 | 000,294,296 | ---- | M] (emc) -- C:\Users\Tomáš\AppData\Roaming\uTorrent\uninstall.exe
[2015.02.22 20:30:00 | 000,416,168 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Tomáš\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2015.07.16 20:10:38 | 012,856,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\Tasks\*.job >
[2015.12.08 16:34:52 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.12.08 19:10:01 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.12.08 19:23:05 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\update-S-1-5-21-4057503627-1852955601-1194495846-1000.job
[2015.12.08 19:44:02 | 000,000,388 | ---- | M] () -- C:\Windows\Tasks\update-sys.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2015.07.16 20:10:38 | 012,856,832 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"BloodyToneMaker" = "C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe" Minimum -- [2014.01.15 10:01:58 | 007,887,872 | ---- | M] ()
"DAEMON Tools Pro Agent" = "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2012.10.23 09:25:10 | 003,108,480 | ---- | M] (DT Soft Ltd)
"Autodesk Sync" = C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe -- [2013.02.05 00:18:14 | 001,081,224 | ---- | M] (Autodesk, Inc.)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.07.21 01:12:30 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=C2A6A7E10E872F62F261637B67AFB248 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.11.24 09:00:56 | 000,741,704 | ---- | M] (Google Inc.) MD5=C5F837D6C30A81B7352382B461684D8B -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.12.08 19:18:58 | 000,000,512 | ---- | M] () MD5=42015B487EE29A605EFA42D5F09C7D6F -- C:\PhysicalMBR.bin

< >

WarpfireW · #6 Příspěvek od **WarpfireW** » 08 pro 2015 20:48

< *crack* /s >
[2014.08.26 21:07:28 | 000,062,238 | ---- | M] () -- \Program Files\GIMP 2\share\gimp\2.0\patterns\cracked.pat
[2015.04.28 13:23:39 | 000,000,968 | ---- | M] () -- \Users\Tomáš\AppData\Local\ftblauncher\ModPacks\MindCrack\logo_minecrack.png
[2015.04.28 13:23:40 | 000,008,681 | ---- | M] () -- \Users\Tomáš\AppData\Local\ftblauncher\ModPacks\MindCrack\mindcrack_splash.png

< *keygen* /s >

< *loader* /s >
[2015.05.28 08:04:11 | 001,176,208 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2015.05.28 08:04:11 | 000,916,112 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\NVI2\NVDownloader.dll
[2015.05.28 08:04:11 | 000,028,430 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\NVI2\NVI2DownloaderExt.CFG
[2015.05.28 08:04:11 | 000,850,576 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\NVI2\NVI2DownloaderExt.DLL
[2015.05.28 08:04:11 | 000,057,592 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\PhysX\files\Common\PhysXLoader.dll
[2015.05.28 08:04:11 | 000,065,784 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\PhysX\files\Common\PhysXLoader64.dll
[2015.05.28 08:04:11 | 000,073,976 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\PhysX\files\Common\PhysXUpdateLoader.dll
[2015.05.28 08:04:11 | 000,090,872 | ---- | M] () -- \NVIDIA\DisplayDriver\353.06\Win8_WinVista_Win7_64\International\PhysX\files\Common\PhysXUpdateLoader64.dll
[2010.03.24 19:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 19:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.01.19 17:23:36 | 002,161,440 | ---- | M] () -- \Program Files (x86)\IObit\Advanced SystemCare 8\ActionCenterDownloader.exe
[2014.12.09 15:00:48 | 002,158,400 | ---- | M] () -- \Program Files (x86)\IObit\Driver Booster\IObitDownloader.exe
[2014.12.09 15:00:48 | 002,158,400 | ---- | M] () -- \Program Files (x86)\IObit\Driver Booster\Freeware\IObitDownloader.exe
[2015.11.18 14:43:46 | 002,161,952 | ---- | M] () -- \Program Files (x86)\IObit\IObit Uninstaller\IObitDownloader.exe
[2015.07.24 05:22:02 | 001,176,720 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2015.05.28 08:04:11 | 000,057,592 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2015.05.28 08:04:11 | 000,065,784 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2015.05.28 08:04:11 | 000,073,976 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2015.05.28 08:04:11 | 000,090,872 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014.04.15 15:23:12 | 000,029,696 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\javaloader.uno.dll
[2014.04.22 12:12:04 | 000,005,813 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.py
[2014.04.15 15:23:14 | 000,020,992 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.dll
[2014.04.22 12:29:06 | 000,000,171 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\pythonloader.uno.ini
[2014.04.15 10:50:04 | 000,003,869 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\classes\unoloader.jar
[2014.04.15 11:06:56 | 000,013,501 | ---- | M] () -- \Program Files (x86)\OpenOffice 4\program\python-core-2.7.6\lib\unittest\loader.py
[2015.04.02 19:28:32 | 000,001,737 | ---- | M] () -- \Program Files (x86)\Rockstar Games\Social Club\UI\ext\scui\images\loaderSmallBlue.gif
[2015.02.18 16:27:02 | 000,031,516 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.10.01 15:10:04 | 000,262,656 | ---- | M] () -- \Program Files (x86)\Skillbrains\lightshot\5.3.0.0\uploader.dll
[2014.12.10 02:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014.11.11 19:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2015.07.30 20:40:18 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015.07.30 20:40:18 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.03.24 19:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 19:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.03.08 08:43:28 | 000,013,734 | ---- | M] () -- \Program Files\GIMP 2\Python\Lib\unittest\loader.py
[2015.05.28 08:04:11 | 000,057,592 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{52FCF435-74DB-4E93-9377-703F148D1A68}\files\Common\PhysXLoader.dll
[2015.05.28 08:04:11 | 000,065,784 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{52FCF435-74DB-4E93-9377-703F148D1A68}\files\Common\PhysXLoader64.dll
[2015.05.28 08:04:11 | 000,073,976 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{52FCF435-74DB-4E93-9377-703F148D1A68}\files\Common\PhysXUpdateLoader.dll
[2015.05.28 08:04:11 | 000,090,872 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{52FCF435-74DB-4E93-9377-703F148D1A68}\files\Common\PhysXUpdateLoader64.dll
[2015.07.24 05:22:13 | 000,916,112 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{404B654E-0924-477F-895E-3D31295358B0}\NVDownloader.dll
[2015.07.24 05:21:16 | 000,028,430 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{404B654E-0924-477F-895E-3D31295358B0}\NVI2DownloaderExt.CFG
[2015.07.24 05:22:13 | 000,828,048 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{404B654E-0924-477F-895E-3D31295358B0}\NVI2DownloaderExt.DLL
[2015.04.02 19:28:32 | 000,001,737 | ---- | M] () -- \Program Files\Rockstar Games\Social Club\UI\ext\scui\images\loaderSmallBlue.gif
[2012.06.09 19:19:38 | 000,055,296 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2015.03.22 19:29:20 | 000,002,391 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\DB2Downloader.log
[2015.12.08 16:36:20 | 001,439,248 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2015.11.12 19:38:18 | 001,181,488 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\ExtensionLoader.dll
[2015.11.12 19:39:00 | 000,916,272 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVDownloader.dll
[2015.03.22 19:29:20 | 000,002,391 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\DB2Downloader.log
[2015.12.08 16:36:20 | 001,439,248 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2015.11.12 19:38:18 | 001,181,488 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\GFExperience\ExtensionLoader.dll
[2015.11.12 19:39:00 | 000,916,272 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVDownloader.dll
[2015.12.03 13:26:06 | 000,003,605 | ---- | M] () -- \Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\img\loader.gif
[2015.12.05 13:19:39 | 000,001,846 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20W3V9R5\IfrJSAdLoader[1].htm
[2015.12.07 20:47:35 | 000,001,980 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZQ5SMXJ\AdLoader[1].htm
[2015.12.07 20:47:35 | 000,019,121 | ---- | M] () -- \Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DHVM2YBZ\AdLoader-288a31a04e1398b1a794975bf93ce9a4.min[1].js
[2015.10.06 20:43:56 | 000,072,638 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\loader.gif
[2015.10.06 20:43:56 | 000,003,032 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\loader.png
[2015.10.06 20:43:56 | 000,006,012 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015.10.06 20:43:56 | 000,021,956 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015.10.06 20:43:56 | 000,009,772 | ---- | M] () -- \Users\Tomáš\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2015.05.26 12:37:42 | 000,078,504 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Seznam.cz\bin\23502libfoxloader.dll
[2015.05.26 12:35:36 | 000,079,872 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Seznam.cz\bin\23505libfoxloader-x64.dll
[2015.07.20 14:34:20 | 000,000,165 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.02.18 16:27:02 | 000,031,516 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.1.2-win32.zip
[2015.01.06 15:17:14 | 000,000,665 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 15:17:14 | 000,000,117 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2015.05.24 16:39:04 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\loader.py
[2015.05.24 16:39:04 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\reloader.py
[2015.05.24 16:39:04 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\background_downloader.py
[2015.05.24 16:39:04 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\caching_downloader.py
[2015.05.24 16:39:04 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\cli_downloader.py
[2015.05.24 16:39:04 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\curl_downloader.py
[2015.05.24 16:39:04 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\decoding_downloader.py
[2015.05.24 16:39:04 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\downloader_exception.py
[2015.05.24 16:39:04 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\limiting_downloader.py
[2015.05.24 16:39:04 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\urllib_downloader.py
[2015.05.24 16:39:04 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\wget_downloader.py
[2015.05.24 16:39:04 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\wininet_downloader.py
[2015.05.24 16:39:04 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524173904\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.05.24 16:54:04 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\loader.py
[2015.05.24 16:54:04 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\reloader.py
[2015.05.24 16:54:04 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\background_downloader.py
[2015.05.24 16:54:04 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\caching_downloader.py
[2015.05.24 16:54:04 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\cli_downloader.py
[2015.05.24 16:54:04 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\curl_downloader.py
[2015.05.24 16:54:04 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\decoding_downloader.py
[2015.05.24 16:54:04 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\downloader_exception.py
[2015.05.24 16:54:04 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\limiting_downloader.py
[2015.05.24 16:54:04 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\urllib_downloader.py
[2015.05.24 16:54:04 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\wget_downloader.py
[2015.05.24 16:54:04 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\wininet_downloader.py
[2015.05.24 16:54:04 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175404\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.05.24 16:55:57 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\loader.py
[2015.05.24 16:55:57 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\reloader.py
[2015.05.24 16:55:57 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\background_downloader.py
[2015.05.24 16:55:57 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\caching_downloader.py
[2015.05.24 16:55:57 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\cli_downloader.py
[2015.05.24 16:55:57 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\curl_downloader.py
[2015.05.24 16:55:57 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\decoding_downloader.py
[2015.05.24 16:55:57 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\downloader_exception.py
[2015.05.24 16:55:57 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\limiting_downloader.py
[2015.05.24 16:55:57 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\urllib_downloader.py
[2015.05.24 16:55:57 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\wget_downloader.py
[2015.05.24 16:55:57 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\wininet_downloader.py
[2015.05.24 16:55:57 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150524175557\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.05.27 16:57:51 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\loader.py
[2015.05.27 16:57:51 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\reloader.py
[2015.05.27 16:57:52 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\background_downloader.py
[2015.05.27 16:57:52 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\caching_downloader.py
[2015.05.27 16:57:52 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\cli_downloader.py
[2015.05.27 16:57:51 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\curl_downloader.py
[2015.05.27 16:57:52 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\decoding_downloader.py
[2015.05.27 16:57:50 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\downloader_exception.py
[2015.05.27 16:57:51 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\limiting_downloader.py
[2015.05.27 16:57:52 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\urllib_downloader.py
[2015.05.27 16:57:51 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\wget_downloader.py
[2015.05.27 16:57:51 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\wininet_downloader.py
[2015.05.27 16:57:50 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150527175749\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.05.29 17:50:32 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\loader.py
[2015.05.29 17:50:32 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\reloader.py
[2015.05.29 17:50:32 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\background_downloader.py
[2015.05.29 17:50:33 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\caching_downloader.py
[2015.05.29 17:50:32 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\cli_downloader.py
[2015.05.29 17:50:32 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\curl_downloader.py
[2015.05.29 17:50:32 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\decoding_downloader.py
[2015.05.29 17:50:32 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\downloader_exception.py
[2015.05.29 17:50:32 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\limiting_downloader.py
[2015.05.29 17:50:32 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\urllib_downloader.py
[2015.05.29 17:50:32 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\wget_downloader.py
[2015.05.29 17:50:32 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\wininet_downloader.py
[2015.05.29 17:50:32 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150529185031\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.06.02 11:45:14 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\loader.py
[2015.06.02 11:45:14 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\reloader.py
[2015.06.02 11:45:14 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\background_downloader.py
[2015.06.02 11:45:15 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\caching_downloader.py
[2015.06.02 11:45:15 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\cli_downloader.py
[2015.06.02 11:45:14 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\curl_downloader.py
[2015.06.02 11:45:15 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\decoding_downloader.py
[2015.06.02 11:45:14 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\downloader_exception.py
[2015.06.02 11:45:14 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\limiting_downloader.py
[2015.06.02 11:45:14 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\urllib_downloader.py
[2015.06.02 11:45:14 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\wget_downloader.py
[2015.06.02 11:45:14 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\wininet_downloader.py
[2015.06.02 11:45:14 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150602124513\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.06.07 17:34:32 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\loader.py
[2015.06.07 17:34:32 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\reloader.py
[2015.06.07 17:34:32 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\background_downloader.py
[2015.06.07 17:34:32 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\caching_downloader.py
[2015.06.07 17:34:32 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\cli_downloader.py
[2015.06.07 17:34:32 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\curl_downloader.py
[2015.06.07 17:34:32 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\decoding_downloader.py
[2015.06.07 17:34:31 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\downloader_exception.py
[2015.06.07 17:34:32 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\limiting_downloader.py
[2015.06.07 17:34:32 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\urllib_downloader.py
[2015.06.07 17:34:32 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\wget_downloader.py
[2015.06.07 17:34:32 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\wininet_downloader.py
[2015.06.07 17:34:32 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150607183431\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.06.08 13:51:33 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\loader.py
[2015.06.08 13:51:33 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\reloader.py
[2015.06.08 13:51:33 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\background_downloader.py
[2015.06.08 13:51:33 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\caching_downloader.py
[2015.06.08 13:51:33 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\cli_downloader.py
[2015.06.08 13:51:33 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\curl_downloader.py
[2015.06.08 13:51:33 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\decoding_downloader.py
[2015.06.08 13:51:32 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\downloader_exception.py
[2015.06.08 13:51:33 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\limiting_downloader.py
[2015.06.08 13:51:33 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\urllib_downloader.py
[2015.06.08 13:51:33 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\wget_downloader.py
[2015.06.08 13:51:33 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\wininet_downloader.py
[2015.06.08 13:51:33 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145132\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.06.08 13:58:33 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\loader.py
[2015.06.08 13:58:33 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\reloader.py
[2015.06.08 13:58:33 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\background_downloader.py
[2015.06.08 13:58:33 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\caching_downloader.py
[2015.06.08 13:58:33 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\cli_downloader.py
[2015.06.08 13:58:33 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\curl_downloader.py
[2015.06.08 13:58:33 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\decoding_downloader.py
[2015.06.08 13:58:33 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\downloader_exception.py
[2015.06.08 13:58:33 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\limiting_downloader.py
[2015.06.08 13:58:33 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\urllib_downloader.py
[2015.06.08 13:58:33 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\wget_downloader.py
[2015.06.08 13:58:33 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\wininet_downloader.py
[2015.06.08 13:58:33 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608145833\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.06.08 15:12:33 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\loader.py
[2015.06.08 15:12:33 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\reloader.py
[2015.06.08 15:12:33 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\background_downloader.py
[2015.06.08 15:12:33 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\caching_downloader.py
[2015.06.08 15:12:33 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\cli_downloader.py
[2015.06.08 15:12:33 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\curl_downloader.py
[2015.06.08 15:12:33 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\decoding_downloader.py
[2015.06.08 15:12:33 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\downloader_exception.py
[2015.06.08 15:12:33 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\limiting_downloader.py
[2015.06.08 15:12:33 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\urllib_downloader.py
[2015.06.08 15:12:33 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\wget_downloader.py
[2015.06.08 15:12:33 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\wininet_downloader.py
[2015.06.08 15:12:33 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150608161233\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.06.25 12:55:27 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\loader.py
[2015.06.25 12:55:27 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\reloader.py
[2015.06.25 12:55:27 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\background_downloader.py
[2015.06.25 12:55:27 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\caching_downloader.py
[2015.06.25 12:55:27 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\cli_downloader.py
[2015.06.25 12:55:27 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\curl_downloader.py
[2015.06.25 12:55:27 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\decoding_downloader.py
[2015.06.25 12:55:27 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\downloader_exception.py
[2015.06.25 12:55:27 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\limiting_downloader.py
[2015.06.25 12:55:27 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\urllib_downloader.py
[2015.06.25 12:55:27 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\wget_downloader.py
[2015.06.25 12:55:27 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\wininet_downloader.py
[2015.06.25 12:55:27 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150625135526\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.08.18 12:42:49 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\loader.py
[2015.08.18 12:42:49 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\reloader.py
[2015.08.18 12:42:49 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\background_downloader.py
[2015.08.18 12:42:51 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\caching_downloader.py
[2015.08.18 12:42:50 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\cli_downloader.py
[2015.08.18 12:42:48 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\curl_downloader.py
[2015.08.18 12:42:50 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\decoding_downloader.py
[2015.08.18 12:42:48 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\downloader_exception.py
[2015.08.18 12:42:49 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\limiting_downloader.py
[2015.08.18 12:42:49 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\urllib_downloader.py
[2015.08.18 12:42:49 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\wget_downloader.py
[2015.08.18 12:42:49 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\wininet_downloader.py
[2015.08.18 12:42:48 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Backup\20150818134247\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.05.24 16:40:17 | 000,016,998 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Emmet\emmet\pyv8loader.py
[2015.05.24 16:40:18 | 000,019,005 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Emmet\emmet\pyv8loader.pyc
[2015.05.24 16:40:17 | 000,000,659 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Emmet\emmet\reloader.py
[2015.05.24 16:40:18 | 000,000,702 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Emmet\emmet\reloader.pyc
[2015.08.18 12:42:49 | 000,011,557 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\loader.py
[2015.08.18 12:43:05 | 000,007,856 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\loader.pyc
[2015.08.18 12:42:49 | 000,004,144 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\reloader.py
[2015.08.18 12:42:49 | 000,001,578 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\background_downloader.py
[2015.08.18 12:43:04 | 000,002,604 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\background_downloader.pyc
[2015.08.18 12:42:51 | 000,005,367 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\caching_downloader.py
[2015.08.18 12:43:04 | 000,005,360 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\caching_downloader.pyc
[2015.08.18 12:42:50 | 000,002,385 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\cli_downloader.py
[2015.08.18 12:42:48 | 000,011,700 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\curl_downloader.py
[2015.08.18 12:42:50 | 000,001,658 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\decoding_downloader.py
[2015.08.18 12:43:03 | 000,002,351 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\decoding_downloader.pyc
[2015.08.18 12:42:48 | 000,000,141 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\downloader_exception.py
[2015.08.18 12:43:03 | 000,000,772 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\downloader_exception.pyc
[2015.08.18 12:42:49 | 000,000,970 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\limiting_downloader.py
[2015.08.18 12:43:03 | 000,001,591 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\limiting_downloader.pyc
[2015.08.18 12:42:49 | 000,011,262 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\urllib_downloader.py
[2015.08.18 12:43:04 | 000,009,153 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\urllib_downloader.pyc
[2015.08.18 12:42:49 | 000,012,301 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\wget_downloader.py
[2015.08.18 12:42:49 | 000,030,085 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\wininet_downloader.py
[2015.08.18 12:43:03 | 000,022,449 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\wininet_downloader.pyc
[2015.08.18 12:42:48 | 000,000,254 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\win_downloader_exception.py
[2015.08.18 12:43:03 | 000,000,704 | ---- | M] () -- \Users\Tomáš\AppData\Roaming\Sublime Text 2\Packages\Package Control\package_control\downloaders\win_downloader_exception.pyc
[2015.06.11 07:25:43 | 000,000,984 | ---- | M] () -- \Users\Tomáš\Documents\My Games\Skyrim\SKSE\skse_loader.log
[2012.10.04 18:28:57 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_66dcd6a595588d81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:26:17 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_67667556ae762a72\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\5357628bb82658534f104e49df1ff3a4\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 18:44:18 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.07.15 18:44:18 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:41:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_66b5981d957562a1\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:36:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_67316604ae9dcf7e\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:11:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_6885643192acd650\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 04:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:06:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:00:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:05:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_696a2894ab871300\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 06:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:05:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_694dbbdeab9bc956\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.25 10:51:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.03.25 10:51:17 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.efi.mui_35ee487d
[2015.03.25 10:51:17 | 000,034,752 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.exe.mui_3bc5b827
[2015.03.25 10:51:17 | 000,029,624 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.efi.mui_f412814e
[2015.03.25 10:51:17 | 000,030,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.exe.mui_ff8b5358
[2015.03.25 10:51:18 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.03.25 10:51:18 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.efi_75834aa0
[2015.03.25 10:51:18 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.exe_75835076
[2015.03.25 10:51:18 | 000,616,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.efi_85cd069f
[2015.03.25 10:51:18 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.06.11 22:07:57 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 16:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2015.02.03 05:49:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.01.12 23:17:25 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_cs-cz_91e42f042cd18522.manifest
[2015.01.16 07:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.27 06:32:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.02.03 06:30:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.03.17 07:28:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_91faa7482cc099d9.manifest
[2015.05.25 21:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.07.15 06:49:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_91e90a7e2ccd343e.manifest
[2015.07.15 21:47:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_91de3a922cd5502f.manifest
[2009.07.14 03:13:42 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_b71babd98657e6ef.manifest
[2011.02.05 14:09:31 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16757_none_b73e23c9863dba66.manifest
[2011.02.05 14:04:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20897_none_b79c80e49f7bc9f4.manifest
[2010.11.20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 04:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2011.02.05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2015.01.12 04:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 07:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 05:22:06 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 05:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.03.17 06:34:28 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_b9def2d09c5e000c.manifest
[2015.05.25 19:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2015.07.15 04:48:43 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_b9cd56069c6a9a71.manifest
[2015.07.15 19:39:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_b9c2861a9c72b662.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 05:50:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_0c66c8adda4f651a\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 18:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 03:47:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_0cad7a7bda1b1d1e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 18:44:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_0ca2aa8fda23390f\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 05:42:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_0d4b8d10f329a1ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 06:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 03:51:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_0d39f046f3363c2f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 18:40:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_0d2f205af33e5820\api-ms-win-core-libraryloader-l1-1-0.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 6168 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh

< End of report >

WarpfireW · #7 Příspěvek od **WarpfireW** » 08 pro 2015 20:52

OTL Extras logfile created on: 8.12.2015 19:14:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tomáš\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 35,29% Memory free
6,00 Gb Paging File | 2,69 Gb Available in Paging File | 44,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 1,86 Gb Free Space | 2,50% Space Free | Partition Type: NTFS
Drive D: | 99,94 Mb Total Space | 84,06 Mb Free Space | 84,12% Space Free | Partition Type: NTFS
Drive F: | 465,76 Gb Total Space | 7,64 Gb Free Space | 1,64% Space Free | Partition Type: NTFS
Drive G: | 3,20 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 152,57 Gb Free Space | 32,76% Space Free | Partition Type: NTFS

Computer Name: TOMÁŠ-PC | User Name: Tomáš | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files (x86)\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-4057503627-1852955601-1194495846-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "H:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02DECD92-C834-4CBC-AB2A-34932C2DFE7D}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{062FE479-E707-4210-BB7B-7DE8CC83B92A}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{0981D673-C0D8-4052-BD32-1C1C13F900A4}" = rport=137 | protocol=17 | dir=out | app=system |
"{0BA9A163-B5F9-4573-BDAE-96031F1547F7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D113D87-F091-4B23-8EB8-9168EF1AF6EB}" = rport=139 | protocol=6 | dir=out | app=system |
"{1591F5FF-843F-4D18-B1BE-88D93F195F48}" = lport=137 | protocol=17 | dir=in | app=system |
"{168B7FB8-FC17-4825-A64A-39510096A174}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{171DE847-5A68-40F5-B101-BBA02D608C78}" = lport=2869 | protocol=6 | dir=in | app=system |
"{179D6135-740C-42C9-A444-2B6BEBE54AD5}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{181BC9CE-1714-408B-82F4-CFE79E46583C}" = lport=139 | protocol=6 | dir=in | app=system |
"{1D4EA7E4-9D49-4CA4-8FFB-5C1AB6B271CB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{218E8ECE-3CB9-419B-AA84-1E39306D49E9}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{29DB7973-D3D7-40B1-903C-92CA9B91FA86}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{2C647CE6-7B54-49A7-9E5A-984C0FD9FED8}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{2FBF6D3A-660D-4DAF-BE67-65BF6FF80CB2}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{35D50319-B482-40BD-A00B-7397A8006951}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{3FB83FBD-BED1-49BD-B65A-FF6EF079DC4B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3FE0F503-55E5-4A10-A0A9-A5B24B453B8F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{40A046BA-6769-4AD2-9F5E-56BCE7290D74}" = lport=67 | protocol=17 | dir=in | name=rtldhcp-port |
"{419A4772-3C10-4410-BD38-A5EF57DCF77B}" = lport=445 | protocol=6 | dir=in | app=system |
"{55A79530-B720-4439-9DA9-4E888D87E85B}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{58DD79F2-E197-4393-9DEB-EB243DDFE678}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AD86EDE-18AE-4208-B688-76A842D2C8DE}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{66740A2B-05CA-4D82-A483-04FA75A90C5E}" = lport=53 | protocol=6 | dir=in | name=rtldns-port |
"{671A631A-6DB5-4FAB-9C93-6DDBCCDCE66D}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{7E0D9443-AFEA-4CE0-937C-E19AC96D175E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8B163C7E-52AD-4EEB-B689-BC18D4A274C8}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{8CF4EDD7-29AC-45A4-A3A7-B90EDFFA473F}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{9650E6FD-694D-4BF4-8ADF-FA6D07963CC9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{96B7525E-EE99-465C-BFE1-5ECBF45EE0F8}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{A214B1DC-E297-4F68-863B-142BCD3A6020}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6E05730-454C-48B0-A6BA-37FFC224C850}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{A7423CCB-BD61-47DD-91EA-5135E3E40DEF}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{ACBCBAE8-8540-4D6C-8568-C418A09F5026}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B7E7AF78-B60B-4905-AA66-9AF6675B2DA9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C45EA56B-5C75-4DC1-91E3-179B46574A75}" = rport=138 | protocol=17 | dir=out | app=system |
"{C57A3766-EE1E-4B97-A396-8B216A901C7D}" = lport=138 | protocol=17 | dir=in | app=system |
"{C835146A-9B0B-4717-B897-81B44DE747D6}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{C92C8D5B-2575-4A61-889F-E43D7C251625}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{CF6B82ED-C8B6-456B-8ED5-4B3AF7ED6C29}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{D2B40FD4-A3D3-4FAF-A1CB-06076419AEDA}" = lport=68 | protocol=17 | dir=in | name=rtldhcp-port-2 |
"{D7A54B71-8AC3-488C-B99C-790FA661CB0A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D8AB079F-A864-4223-AF83-ADA564DCE259}" = rport=445 | protocol=6 | dir=out | app=system |
"{DC0D772A-41D3-42B7-96B6-DA07C3BD1B50}" = lport=53 | protocol=17 | dir=in | name=rtldns-port-2 |
"{DE1A745D-020C-4268-B0D6-7B06870EA19A}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E29ACE03-63E6-46D8-B25C-E287EB6346F5}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{EBD18AD8-6E5F-45BA-A59E-DF664C5E9504}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{F1C76D5B-A258-49F0-8746-DF43772DB5C2}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{FA6102E5-9728-4493-8814-08A97B114F4A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF3F8561-1629-4519-A22F-ECEC7E5AEEFB}" = lport=7853 | protocol=6 | dir=in | name=war thunder |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02117FD4-2AF3-4119-A8E0-B4022AD9D436}" = protocol=17 | dir=in | app=h:\steamlibrary\steamapps\common\insurgency2\insurgency.exe |
"{03097186-2256-46A9-AB7F-565045FDBB1F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0B9F9214-6903-46DB-BBAB-36CF8F6EE409}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink\common\ramediaserver.exe |
"{1125B99D-D520-41CC-88DA-AA0B0916AD34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{117F753B-1C1D-456F-BAF0-B08C3DB7B5B5}" = protocol=17 | dir=in | app=c:\warthunder\bpreport.exe |
"{152952F5-7F1C-4867-8A62-00DE048792CB}" = protocol=17 | dir=in | app=h:\program files\pinnacle studio 17\programs\rm.exe |
"{19B5BB34-AD5E-4782-AB1E-1FF04DE7A909}" = protocol=17 | dir=in | app=h:\heroes & generals\live\hng.exe |
"{1C9F418D-8DAE-4634-9A8C-0113E0BF58F2}" = protocol=6 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{1D3AE753-45DD-4319-AABF-3645466CABB6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E16A67D-7B74-42DC-B200-EA6F5BF17CD3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{21BBCFBA-D9FD-484F-A6E4-AA0323B269DB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2965E01B-DAC5-447C-BACE-1FFF6598E8FF}" = protocol=6 | dir=in | app=c:\warthunder\bpreport.exe |
"{2D6B5869-D8F5-425E-B6BE-F32BCB85D48A}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{317CC2FC-A404-46C8-9663-F92E8CEEAC30}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{344D57BF-001B-4782-A45E-C2F05671EC32}" = protocol=6 | dir=out | app=system |
"{34C98295-15FD-4A0C-9899-4C1A816D32A5}" = protocol=6 | dir=in | app=h:\program files\pinnacle studio 17\programs\rm.exe |
"{36BB125F-526D-4E85-A23F-07BD695F9E74}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{3C5193B6-AA22-4D03-97AE-FBB17CCF9AEF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44579667-02E4-41F6-9554-F2EEEE524054}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{4869E2FB-6354-4D1F-AC5E-A8578CF4950B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{4B886EB2-24E8-4511-B5F5-451F8E1A314B}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink\common\ramediaserver.exe |
"{4C59BE5F-8ECC-4B62-BCEC-820739CCD26A}" = protocol=6 | dir=in | app=h:\steamlibrary\steamapps\common\spaceengineers\bin64\spaceengineers.exe |
"{4CD904B9-2DCC-4EEC-A3BF-3DFA119B07FB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{512002BE-1B30-4366-A86D-0DC00479784A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{52E2721F-3A35-430E-987E-DC0BC792D658}" = protocol=17 | dir=in | app=h:\program files\pinnacle studio 17\programs\ngstudio.exe |
"{5799FFC8-94D3-4955-9BA2-0F71D3AE0687}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink\common\raui.exe |
"{5C987885-708F-458B-A418-63A0AA9BC146}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{618DFEFD-B034-4F1A-948A-52C7F85E4EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtwlan.exe |
"{66EF1D68-6AE1-4EFE-9E5A-5372D47D7902}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7892C642-9EFB-40A5-9230-FC2CA28E72EB}" = protocol=6 | dir=in | app=h:\warthunderdev\launcher.exe |
"{7F997380-B937-4F22-A33A-17B387A7E74A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{83CDF6FB-DE2F-4A2B-8380-8741950881F7}" = protocol=17 | dir=in | app=h:\steamlibrary\steamapps\common\spaceengineers\bin64\spaceengineers.exe |
"{86595460-EB64-43A6-9893-1244CADB8B56}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{86CA0079-AD18-4D43-9D1A-35023A07220A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{874FA4D4-8D90-43DE-9D75-D7F1888565C5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{8CA2127F-C57C-4B06-8D45-3F87EB8C41F6}" = protocol=17 | dir=in | app=c:\warthunder\launcher.exe |
"{9612E95E-0583-4BFE-BA9A-0C8939674D5A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98931980-E33C-4389-B16E-5EDCBA2DF0E2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9B83C4ED-E8A4-4A3A-9953-09C0E28F7156}" = dir=in | app=c:\program files (x86)\realtek\11n usb wireless lan utility\rtldhcp.exe |
"{A3E7AC45-BD59-4446-8FD5-3517AE3F6031}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink\common\raui.exe |
"{A6E0272F-3968-406A-9B1C-B1E53028E5E6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A74E1780-A7E4-4A0B-9F36-11C764008B6B}" = protocol=17 | dir=in | app=h:\warthunderdev\launcher.exe |
"{AF74318A-BBA3-46E6-86A5-16E4505F728E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B0CBFEE5-B662-4DF8-A83D-DF33E466D95B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B340A532-4254-4ABD-B4AA-8F8A36F83F78}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{C9375544-ECEE-4306-AE3E-AAD5D1450F14}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{D27B47E3-AD0D-41A7-AB17-7745789AFA29}" = protocol=6 | dir=in | app=h:\steamlibrary\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{D302B4AC-602D-4847-9FCE-95FFE96B4FBE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D43AB57D-F4DB-454E-9E33-3BF25FFA3628}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{DCFB7F72-C302-4B1A-9F0D-8AF44D6AF025}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E0D317A0-6C3E-4E8C-AE61-A160BB6C251B}" = protocol=6 | dir=in | app=h:\steamlibrary\steamapps\common\insurgency2\insurgency.exe |
"{E27F84B1-7320-4B35-87CA-AB8C5F39404D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EE1EC501-3103-4554-BCC3-2F72D9CEF3B8}" = protocol=17 | dir=in | app=h:\steamlibrary\steamapps\common\heroes & generals\hngsteamlauncher.exe |
"{F7380849-5326-4F7A-BB30-55F64EC9E124}" = protocol=6 | dir=in | app=c:\warthunder\launcher.exe |
"{F7DEBFB3-892E-4454-89EB-BA3FC931D1E4}" = protocol=6 | dir=in | app=h:\program files\pinnacle studio 17\programs\ngstudio.exe |
"{FCF23F6E-8095-47F5-87C8-8314F1A8C875}" = protocol=6 | dir=in | app=h:\heroes & generals\live\hng.exe |
"{FE87CE73-7575-4A32-9DC5-4B0E391B187A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{22157667-B58C-4E77-98EA-F2CAE1663C56}C:\warthunder\aces.exe" = protocol=6 | dir=in | app=c:\warthunder\aces.exe |
"TCP Query User{2D9E4A0B-D8BB-42A8-B55E-E5EC6DDCFA6B}H:\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=h:\hearthstone\hearthstone.exe |
"TCP Query User{3A519A87-1E37-4D35-BDCB-E67B28980118}C:\warthunder\launcher.exe" = protocol=6 | dir=in | app=c:\warthunder\launcher.exe |
"TCP Query User{41FA42EF-7138-4B5B-90CB-F60225DBBEDC}H:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=h:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"TCP Query User{4E339A31-600D-4BE9-ACF5-13A1D2361D2B}H:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=6 | dir=in | app=h:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"TCP Query User{4E8610B7-ED75-4911-BF55-A692036304D7}H:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe" = protocol=6 | dir=in | app=h:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe |
"TCP Query User{595CC490-B708-447C-9C60-3F51D700D62E}H:\qtracker.exe" = protocol=6 | dir=in | app=h:\qtracker.exe |
"TCP Query User{6131D255-F863-4F26-9095-074B64A601A5}H:\warthunderdev\aces.exe" = protocol=6 | dir=in | app=h:\warthunderdev\aces.exe |
"TCP Query User{7137AD62-DD45-4DE9-B4E3-DE684CB12993}C:\warthunder\aces.exe" = protocol=6 | dir=in | app=c:\warthunder\aces.exe |
"TCP Query User{8ABDA5B3-4F81-4EF5-BEB7-58330B8798CD}H:\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe" = protocol=6 | dir=in | app=h:\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe |
"TCP Query User{98B372C8-EDFA-48CC-9A79-6704464439EA}C:\windows\syswow64\dpnsvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"TCP Query User{C2C7BE30-4AFC-453B-836D-3D6A4DE3A0CD}H:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe" = protocol=6 | dir=in | app=h:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe |
"TCP Query User{D06197C4-6497-4ACC-AE92-FB097AACB3B7}C:\program files (x86)\the creative assembly\rome - total war anthology\rometw-bi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the creative assembly\rome - total war anthology\rometw-bi.exe |
"TCP Query User{EAE1E09B-E96D-4951-8F84-619B1F5E13BF}H:\vietcong zlatá kolekce\vietcong.exe" = protocol=6 | dir=in | app=h:\vietcong zlatá kolekce\vietcong.exe |
"TCP Query User{F262B2C4-E25E-45A7-A40F-7D9F711AD7E9}C:\windows\kmsemulator.exe" = protocol=6 | dir=in | app=c:\windows\kmsemulator.exe |
"TCP Query User{F33E87F5-AE69-47D6-BF76-38D1F893E9F6}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{24189C4A-FABB-4A8E-9280-44F678252321}C:\program files (x86)\the creative assembly\rome - total war anthology\rometw-bi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the creative assembly\rome - total war anthology\rometw-bi.exe |
"UDP Query User{4357A7E2-E271-48F6-A6A0-11040296FF29}H:\warthunderdev\aces.exe" = protocol=17 | dir=in | app=h:\warthunderdev\aces.exe |
"UDP Query User{529EEEC9-849D-44DE-9365-B37AA30832D2}H:\vietcong zlatá kolekce\vietcong.exe" = protocol=17 | dir=in | app=h:\vietcong zlatá kolekce\vietcong.exe |
"UDP Query User{5C8D28F3-341E-44D0-A7DD-78E7EDCAE9E3}H:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe" = protocol=17 | dir=in | app=h:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe |
"UDP Query User{70C4EC86-85FE-4BA9-A9A2-6826AF6405D7}H:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=h:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{9F6B1A36-8FD6-4CE1-AE95-12BCC7BFA82F}H:\qtracker.exe" = protocol=17 | dir=in | app=h:\qtracker.exe |
"UDP Query User{A2C61FB1-C8F4-4D75-965C-310BC24A71D5}C:\warthunder\aces.exe" = protocol=17 | dir=in | app=c:\warthunder\aces.exe |
"UDP Query User{AA56526B-41A2-4CE1-A3D9-E4976476E1F3}H:\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe" = protocol=17 | dir=in | app=h:\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe |
"UDP Query User{B3EE1ECF-0162-4407-BD88-B4EC0A257872}H:\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=h:\hearthstone\hearthstone.exe |
"UDP Query User{C4A0F056-91D2-4657-93F3-DE810400739C}C:\warthunder\launcher.exe" = protocol=17 | dir=in | app=c:\warthunder\launcher.exe |
"UDP Query User{CC3F38AB-2434-49CB-A412-BBD35F57FEF6}C:\windows\syswow64\dpnsvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dpnsvr.exe |
"UDP Query User{CF53553E-4A85-467C-BF45-0FB02DC7AEBC}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{D2384A26-2F7E-4F21-AE3E-5DF1576DF631}C:\windows\kmsemulator.exe" = protocol=17 | dir=in | app=c:\windows\kmsemulator.exe |
"UDP Query User{D7791971-EADC-43BB-A16B-C95D45867B0E}C:\warthunder\aces.exe" = protocol=17 | dir=in | app=c:\warthunder\aces.exe |
"UDP Query User{EC35C038-C528-40BD-973C-8371EFCADE90}H:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" = protocol=17 | dir=in | app=h:\minikraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe |
"UDP Query User{EDFB7D30-93D6-45E8-B4C9-793E867B900C}H:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe" = protocol=17 | dir=in | app=h:\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F06417071FF}" = Java 7 Update 71 (64-bit)
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5783F2D7-D001-0409-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - English
"{5783F2D7-D001-0409-2102-0060B0CE6BBA}" = AutoCAD 2014 - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5 CSY Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{A4F0DB87-3269-34FE-AFFE-4168FDFA4A22}" = Microsoft .NET Framework 4.5 CSY Language Pack
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.30
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"AutoCAD 2014 - English" = Autodesk AutoCAD 2014 - English
"Autodesk ReCap" = Autodesk ReCap
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.71.1
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.27
"GIMP-2_is1" = GIMP 2.8.14
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Recuva" = Recuva
"Sublime Text 2_is1" = Sublime Text 2.0.2
"Windows Movie Maker" = Windows Movie Maker
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83218040F0}" = Java 8 Update 40
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Ralink RT2870 Wireless LAN Card
"{29BA43D8-07F9-4D78-A682-91BAAA98A302}" = Rome - Total War Anthology
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.3.0.0
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3DA8F808-72E2-4361-82EC-433081D23005}" = Pinnacle Studio 17
"{43245B34-BAEA-4716-B877-38E7E7026698}" = OpenOffice 4.1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1" = Pinnale Systems Software Keys
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{6A0549A9-1B96-498C-ACBC-3943001FEB19}" = Skype™ 7.13
"{6B84E528-9705-4D36-9C97-97B8E23DAB75}" = League of Legends
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{817750FA-EC6A-485D-9901-0683AE6FFDF1}" = Google Earth
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A470330-70B2-49AD-86AF-79885EF9898A}" = FARO LS 1.1.501.0 (64bit)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{abc8eea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.340
"{AC76BA86-0804-1033-1959-001824161310}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.13) - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BFF23267-1D19-444E-93E2-E5059BE805EA}" = Dazzle Video Capture DVC100 X64 Driver 1.06
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}" = GTA San Andreas
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.502
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAB1F336-1B7C-4057-A7BC-2922CD82A781}" = Edimax RT6x Wireless LAN Card
"1207665503_is1" = Terraria
"Advanced SystemCare 8_is1" = Advanced SystemCare 8
"AIDA64 Extreme_is1" = AIDA64 Extreme v5.00
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0.5
"Autodesk Content Service" = Autodesk Content Service
"Avast" = Avast Free Antivirus
"Battle.net" = Battle.net
"BitTorrent" = BitTorrent
"BloodyToneMaker" = ToneMaker 1
"DAEMON Tools Pro" = DAEMON Tools Pro
"Deckadance 2" = Deckadance 2
"Driver Booster_is1" = Driver Booster 2.2
"EAGLE 7.2.0" = EAGLE 7.2.0
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"Google Chrome" = Google Chrome
"Hardcore" = Hardcore
"Hearthstone" = Hearthstone
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{29BA43D8-07F9-4D78-A682-91BAAA98A302}" = Rome - Total War Anthology
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.0.1024
"MKV Player_is1" = MKV Player 2.1.17
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.5.1
"Opera 33.0.1990.115" = Opera Stable 33.0.1990.115
"Rockstar Games Social Club" = Rockstar Games Social Club
"Steam" = Steam
"Steam App 222880" = Insurgency
"Steam App 227940" = Heroes & Generals
"Steam App 244850" = Space Engineers
"Vietcong Zlatá Kolekce (CZ)" = Vietcong Zlatá Kolekce (CZ)
"VLC media player" = VLC media player
"ZonerCallisto5_CZ_is1" = Zoner Callisto 5 FREE

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4057503627-1852955601-1194495846-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.12.2015 3:27:21 | Computer Name = Tomáš-PC | Source = AdvancedSystemCareService8 | ID = 0
Description =

Error - 7.12.2015 11:01:26 | Computer Name = Tomáš-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Selhalo načtení automatické aktualizace kořenového certifikátu jiného
výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>.
Došlo k chybě Daná operace se vrátila, protože vypršel časový limit. .

Error - 7.12.2015 11:45:13 | Computer Name = Tomáš-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Selhalo načtení automatické aktualizace kořenového certifikátu jiného
výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>.
Došlo k chybě Daná operace se vrátila, protože vypršel časový limit. .

Error - 7.12.2015 11:45:15 | Computer Name = Tomáš-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Selhalo načtení automatické aktualizace kořenového certifikátu jiného
výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>.
Došlo k chybě Zvolený server nemůže provést požadovanou operaci. .

Error - 7.12.2015 11:45:15 | Computer Name = Tomáš-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Selhalo načtení automatické aktualizace kořenového certifikátu jiného
výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>.
Došlo k chybě Zvolený server nemůže provést požadovanou operaci. .

Error - 7.12.2015 13:16:40 | Computer Name = Tomáš-PC | Source = AdvancedSystemCareService8 | ID = 0
Description =

Error - 7.12.2015 13:16:40 | Computer Name = Tomáš-PC | Source = AdvancedSystemCareService8 | ID = 0
Description =

Error - 7.12.2015 18:04:24 | Computer Name = Tomáš-PC | Source = AdvancedSystemCareService8 | ID = 0
Description =

Error - 7.12.2015 18:04:24 | Computer Name = Tomáš-PC | Source = AdvancedSystemCareService8 | ID = 0
Description =

Error - 8.12.2015 6:28:02 | Computer Name = Tomáš-PC | Source = Microsoft-Windows-CAPI2 | ID = 4101
Description = Selhalo načtení automatické aktualizace kořenového certifikátu jiného
výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>.
Došlo k chybě Daná operace se vrátila, protože vypršel časový limit. .

[ System Events ]
Error - 4.8.2015 7:26:17 | Computer Name = Tomáš-PC | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk2\DR2 má chybný blok.

Error - 4.8.2015 7:28:58 | Computer Name = Tomáš-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Ralink UPnP Media Server bylo dosaženo
časového limitu (30000 ms).

Error - 4.8.2015 8:53:46 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 8:53:47 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 8:53:48 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 8:53:49 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 8:53:50 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 11:44:01 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 11:44:02 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error - 4.8.2015 11:44:03 | Computer Name = Tomáš-PC | Source = Disk | ID = 262155
Description = Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

< End of report >

#8 Příspěvek od **Rudy** » 08 pro 2015 21:19

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text:

:OTL
@Alternate Data Stream - 6168 bytes -> C:\Windows\PLA\System\System Diagnostics.xml:0v1ieca3Feahez0jAwxjjk5uRh
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-4057503627-1852955601-1194495846-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.45_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_1\
CHR - Extension: No name found = C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O9:64bit: - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\{4a9e7967-d548-11e4-b878-002185338b58}\Shell - "" = AutoRun
O33 - MountPoints2\{4a9e7967-d548-11e4-b878-002185338b58}\Shell\AutoRun\command - "" = G:\Setup.exe -- [2007.11.01 22:24:27 | 000,062,976 | R--- | M] (Aspyr Media, Inc.)
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\.autorun\autorun.exe

:files
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

WarpfireW · #9 Příspěvek od **WarpfireW** » 09 pro 2015 16:04

Files\Folders moved on Reboot...
File\Folder G:\Setup.exe not found!
C:\ProgramData\DP45977C.lfl moved successfully.
C:\Users\Tomáš\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Tomáš\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.
C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#10 Příspěvek od **Rudy** » 09 pro 2015 18:30

Log není kompletní.

WarpfireW · #11 Příspěvek od **WarpfireW** » 09 pro 2015 19:15

Po restartu vyskočilo pouze tohle a nic víc se neobjevilo, nastavení OTL sem nechal jak bylo akorát tam připsal co jste doporučil.

#12 Příspěvek od **Rudy** » 09 pro 2015 20:11

Změnilo se něco?

WarpfireW · #13 Příspěvek od **WarpfireW** » 09 pro 2015 20:24

Akorát se mi objevili na disku C uzamčené složky a google chrom se vyresetoval do původní podoby, jinak sem si ničeho nevšiml.

#14 Příspěvek od **Rudy** » 09 pro 2015 20:26

OK. Zkusíme to jinak, snad se vám podaří sem dát kompletní log. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

WarpfireW · #15 Příspěvek od **WarpfireW** » 09 pro 2015 20:56

FRST3.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
Ran by Tomáš (administrator) on TOMÁŠ-PC (09-12-2015 20:45:27)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Edimax\Common\RaRegistry64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-07-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [7887872 2014-01-15] ()
HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\...\Policies\Explorer: []
HKU\S-1-5-21-4057503627-1852955601-1194495846-1000\...\MountPoints2: {4a9e7967-d548-11e4-b878-002185338b58} - G:\Setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-30] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{82C4F192-1C12-4808-B024-A5CB101800EF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D14EE37E-6997-4802-B85C-6BF42136015B}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-22] (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-30] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-30] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll => No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKU\S-1-5-21-4057503627-1852955601-1194495846-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> H:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-30] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.google.com"
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-09]
CHR Extension: (Google Docs) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-09]
CHR Extension: (Google Drive) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Google Search) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (Google Sheets) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-09]
CHR Extension: (Google Docs Offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-09]
CHR Extension: (AdBlock) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-09]
CHR Extension: (Ad.Block Plus) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjcaoebjbhijionhllfgmabccekjfak [2015-12-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09]
CHR Extension: (Marc Ecko) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk [2015-12-09]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-22]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-30] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 c2cautoupdatesvc; "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service [X]
S2 c2cpnrsvc; "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-30] (AVAST Software)
R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (A4Tech Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-03-28] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [183144 2015-03-22] (Marvell Semiconductor, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-07-20] (Synaptics Incorporated)
S3 cpuz137; \??\C:\Users\TOM~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 20:45 - 2015-12-09 20:46 - 00017294 _____ C:\Users\Tomáš\Desktop\FRST.txt
2015-12-09 20:44 - 2015-12-09 20:45 - 00000000 ____D C:\FRST
2015-12-09 20:43 - 2015-12-09 20:43 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2015-12-09 20:42 - 2015-12-09 20:41 - 02369024 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2015-12-09 20:41 - 2015-12-09 20:41 - 02369024 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2015-12-09 17:33 - 2015-12-09 17:33 - 00000000 ____D C:\Users\Tomáš\Desktop\QGIS
2015-12-09 17:21 - 2015-12-09 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGIS Pisa
2015-12-09 17:18 - 2015-12-09 17:31 - 00000000 ____D C:\Users\Tomáš\Documents\GIS DataBase
2015-12-09 17:16 - 2015-12-09 17:16 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
2015-12-09 17:15 - 2015-12-09 17:15 - 00002303 _____ C:\Users\Tomáš\Desktop\Chrome App Launcher.lnk
2015-12-09 17:15 - 2015-12-09 17:15 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-09 16:46 - 2015-12-09 17:17 - 300645221 _____ C:\Users\Tomáš\Downloads\QGIS-OSGeo4W-2.10.1-1-Setup-x86_64.exe
2015-12-09 16:03 - 2015-12-09 16:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-09 15:55 - 2015-12-09 15:55 - 00000000 ____D C:\_OTL
2015-12-08 20:06 - 2015-12-08 21:03 - 00271046 _____ C:\Users\Tomáš\Downloads\OTL.Txt
2015-12-08 20:06 - 2015-12-08 20:36 - 00083104 _____ C:\Users\Tomáš\Downloads\Extras.Txt
2015-12-08 19:18 - 2015-12-08 19:18 - 00000512 _____ C:\PhysicalMBR.bin
2015-12-08 19:11 - 2015-12-08 19:12 - 00602112 _____ (OldTimer Tools) C:\Users\Tomáš\Downloads\OTL.exe
2015-12-07 15:56 - 2015-12-08 11:20 - 00000000 ____D C:\Program Files\trend micro
2015-12-07 15:56 - 2015-12-07 15:56 - 00000000 ____D C:\rsit
2015-12-07 15:55 - 2015-12-07 15:55 - 01222144 _____ C:\Users\Tomáš\Downloads\RSITx64.exe
2015-12-03 15:01 - 2015-12-03 15:01 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 15:01 - 2015-12-03 15:01 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 16:10 - 2015-12-02 16:10 - 00000000 __RHD C:\Users\Tomáš\AppData\Roaming\SecuROM
2015-11-30 18:29 - 2015-11-30 18:29 - 00003165 _____ C:\Users\Tomáš\Downloads\EarthsCore1.1_archive.torrent
2015-11-29 16:21 - 2015-11-29 16:21 - 00065118 _____ C:\Users\Tomáš\Documents\18,19-lUCEMBURKOVÉ.pdf
2015-11-29 16:21 - 2015-11-29 16:21 - 00058988 _____ C:\Users\Tomáš\Documents\POLIT.VÝVOJ ZA PŘEMYSLOVSKÝCH KRÁLŮ.pdf
2015-11-24 19:13 - 2015-11-24 19:13 - 00044097 _____ C:\Users\Tomáš\Documents\HOSPODÁŘSTVÍ-STŘEDOVĚK.pdf
2015-11-24 19:12 - 2015-11-24 19:12 - 00021773 _____ C:\Users\Tomáš\Documents\index.htm
2015-11-22 21:10 - 2015-11-22 21:10 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Blizzard
2015-11-22 21:04 - 2015-11-22 21:04 - 00000678 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-11-22 21:04 - 2015-11-22 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-11-22 20:42 - 2015-11-22 20:42 - 00000000 ____D C:\Data
2015-11-18 22:11 - 2015-11-18 22:12 - 00044842 _____ C:\Users\Tomáš\Documents\14-KULTURA ROMÁNSKÁ.pdf
2015-11-14 16:08 - 2015-11-14 16:08 - 00363388 _____ C:\Users\Tomáš\Downloads\clothcalc_cz (1).user.js
2015-11-12 18:18 - 2015-11-12 18:18 - 01541700 _____ C:\Users\Tomáš\Downloads\journeymap-1.7.10-5.1.0-fairplay.jar
2015-11-12 17:58 - 2015-11-12 17:58 - 00066286 _____ C:\Users\Tomáš\Downloads\TerraFirmaCraftNEIplugin-1.7.10-1.5.3.24.jar
2015-11-12 17:56 - 2015-11-12 17:56 - 00507333 _____ C:\Users\Tomáš\Downloads\Not-Enough-Items-1.7.10.jar
2015-11-12 17:49 - 2015-11-12 17:49 - 00180813 _____ C:\Users\Tomáš\Downloads\NotEnoughItems-1.7.10-1.0.5.118-src.jar
2015-11-12 17:42 - 2015-11-12 17:42 - 00513018 _____ C:\Users\Tomáš\Downloads\NotEnoughItems-1.7.10-1.0.5.118-universal.jar
2015-11-12 17:11 - 2015-11-12 17:11 - 05445175 _____ C:\Users\Tomáš\Downloads\BiblioCraft[v1.11.4][MC1.7.10].jar
2015-11-12 17:10 - 2015-11-12 17:10 - 00087181 _____ C:\Users\Tomáš\Downloads\DynamicLights-1.7.10.zip
2015-11-12 17:04 - 2015-11-12 17:04 - 00182350 _____ C:\Users\Tomáš\Downloads\Reis-Minimap-Mod-1.7.10.jar
2015-11-12 17:04 - 2015-11-12 17:04 - 00113256 _____ C:\Users\Tomáš\Downloads\TooManyItems-Mod-Forge-1.7.10.jar
2015-11-12 16:51 - 2015-11-12 16:51 - 00263186 _____ C:\Users\Tomáš\Downloads\minecraft_1.7.10.exe
2015-11-12 16:50 - 2015-11-12 16:50 - 03336459 _____ C:\Users\Tomáš\Downloads\forge-1.7.10-10.13.4.1448-1.7.10-installer-win.exe
2015-11-12 16:46 - 2015-11-12 16:46 - 00116959 _____ C:\Users\Tomáš\Downloads\fastcraft-1.21.jar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-09 20:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-09 20:25 - 2015-03-22 20:22 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype
2015-12-09 20:22 - 2015-03-25 23:28 - 00007604 _____ C:\Users\Tomáš\AppData\Local\Resmon.ResmonCfg
2015-12-09 19:44 - 2015-03-22 22:40 - 00000388 _____ C:\Windows\Tasks\update-sys.job
2015-12-09 19:23 - 2015-03-22 22:40 - 00000388 _____ C:\Windows\Tasks\update-S-1-5-21-4057503627-1852955601-1194495846-1000.job
2015-12-09 19:09 - 2015-04-25 15:28 - 00000000 ____D C:\Users\Tomáš\AppData\Local\gtk-2.0
2015-12-09 19:09 - 2015-04-02 12:16 - 00000000 ____D C:\Users\Tomáš\.gimp-2.8
2015-12-09 18:26 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 18:26 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 17:40 - 2015-06-14 14:59 - 00033280 ___SH C:\Users\Tomáš\Thumbs.db
2015-12-09 17:23 - 2015-04-29 13:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-09 16:40 - 2015-05-15 14:32 - 00056320 ___SH C:\Users\Tomáš\Documents\Thumbs.db
2015-12-09 16:22 - 2015-04-23 19:55 - 00000000 ____D C:\Program Files\Recuva
2015-12-09 16:19 - 2015-03-22 19:27 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Tomáš)
2015-12-09 16:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 16:03 - 2015-07-31 08:11 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-09 15:55 - 2015-03-22 20:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-09 15:55 - 2015-03-22 20:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-09 07:18 - 2015-03-22 19:29 - 00002185 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-12-08 19:08 - 2015-04-05 11:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-07 23:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-07 21:58 - 2015-05-18 10:08 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\OBS
2015-12-07 15:30 - 2015-03-22 22:05 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-07 14:36 - 2015-03-23 16:15 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Heroes and Generals
2015-12-07 14:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-07 08:10 - 2015-03-27 13:57 - 00003494 _____ C:\Users\Tomáš\Desktop\fdf.txt
2015-12-07 06:21 - 2015-03-28 14:01 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Pro
2015-12-07 06:21 - 2015-03-22 21:38 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\BitTorrent
2015-12-07 05:52 - 2015-03-27 20:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-06 18:32 - 2015-04-05 11:06 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-06 18:32 - 2015-04-05 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-06 18:32 - 2015-04-05 11:06 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-06 11:38 - 2015-03-22 19:27 - 00000000 ____D C:\ProgramData\ProductData
2015-12-05 11:30 - 2015-03-22 20:33 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-04 16:10 - 2015-04-14 20:23 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Battle.net
2015-12-04 15:24 - 2015-04-14 20:22 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-02 19:48 - 2015-08-18 15:54 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\vlc
2015-12-02 16:05 - 2015-03-22 20:29 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 16:05 - 2015-03-22 20:29 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-02 16:01 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-29 10:24 - 2009-07-14 06:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-23 10:54 - 2015-03-23 18:35 - 00000000 ____D C:\WarThunder
2015-11-18 14:47 - 2015-03-27 20:07 - 00003830 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1427483227
2015-11-15 16:05 - 2015-05-13 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2015-11-15 16:04 - 2015-03-28 13:41 - 00000000 ____D C:\Windows\Minidump
2015-11-15 14:50 - 2015-03-22 19:29 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Tomáš
2015-11-15 13:37 - 2009-07-14 16:18 - 00668866 _____ C:\Windows\system32\perfh005.dat
2015-11-15 13:37 - 2009-07-14 16:18 - 00141526 _____ C:\Windows\system32\perfc005.dat
2015-11-15 13:37 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-14 18:10 - 2015-03-22 20:22 - 00000000 ____D C:\ProgramData\Skype
2015-11-13 22:20 - 2015-04-01 20:42 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\SpaceEngineers
2015-11-12 18:21 - 2015-04-21 21:04 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\.minecraft

==================== Files in the root of some directories =======

2015-04-28 13:40 - 2015-06-13 09:51 - 0000431 _____ () C:\Users\Tomáš\AppData\Roaming\TOMÁŠ-PC.MTBF.txt
2015-04-28 13:40 - 2015-06-13 09:52 - 0000792 _____ () C:\Users\Tomáš\AppData\Roaming\__AvidCloudManager.log
2015-04-28 13:40 - 2015-04-28 13:55 - 0001002 _____ () C:\Users\Tomáš\AppData\Roaming\__AvidCloudManagerPrevious.log
2015-06-16 17:53 - 2015-06-16 17:53 - 0000000 ___SH () C:\Users\Tomáš\AppData\Local\LumaEmu
2015-12-09 19:09 - 2015-12-09 19:09 - 0001521 _____ () C:\Users\Tomáš\AppData\Local\recently-used.xbel
2015-03-25 23:28 - 2015-12-09 20:22 - 0007604 _____ () C:\Users\Tomáš\AppData\Local\Resmon.ResmonCfg
2015-03-22 22:40 - 2015-03-22 22:40 - 0000003 _____ () C:\Users\Tomáš\AppData\Local\updater.log
2015-03-22 22:40 - 2015-10-03 10:26 - 0000424 _____ () C:\Users\Tomáš\AppData\Local\UserProducts.xml
2015-12-09 16:03 - 2015-12-09 16:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

ATTENTION: ==> Could not access BCD.

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\update-S-1-5-21-4057503627-1852955601-1194495846-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom��\Desktop" je 374 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Tom��\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Tom��\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ralink Wireless Utility.lnk
C:\PROGRA~2\Ralink\Common\RaUI.exe -s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Wireless Utility.lnk
C:\PROGRA~2\Edimax\Common\RaUI.exe -s [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

VIRY.CZ

Nepřístojně pomalý internet

Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet

Re: Nepřístojně pomalý internet