Kontrola-podezření na malware Vyřešeno

[Vratka2CZ]

Při spuštění ComboFixu mi píše program: ComboFix is not meant to run in "Compability mode". A pak že se ukončí.. V Antiviru jsem vypnul rezidenční štít i anispayware.. Co mám tedy dělat? Odstranit potíže s kompabilitou když kliknu na ComboFix pravým jsem zkoušel a také bez výsledku..

PS: Koukal jsem na internet a také to lidem nejede na W8.1, zkoušel jsem ručně změnit kompabilitu ComboFixu na W7 a stále nejde..

[Reklama]

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[Vratka2CZ]

OTL.txt:

OTL logfile created on: 25. 2. 2014 13:40:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vratislav\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,87 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 68,82% Memory free
4,56 Gb Paging File | 3,39 Gb Available in Paging File | 74,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 889,45 Gb Total Space | 858,68 Gb Free Space | 96,54% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,41 Gb Free Space | 89,65% Space Free | Partition Type: NTFS

Computer Name: AMPERCZ | User Name: Vratislav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Vratislav\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (CxAudMsg) -- C:\Windows\SysNative\CxAudMsg64.exe (Conexant Systems Inc.)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe (Symantec Corporation)
SRV - (VeriFaceSrv) -- C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe ()
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Windows (R) Win 7 DDK provider)
SRV - (ZAtheros Bt and Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\Ironx64.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\symnets.sys (Symantec Corporation)
DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys (Symantec Corporation)
DRV:64bit: - (SymELAM) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymELAM.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\SymDS64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1501000.012\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (rtsuvc) -- C:\Windows\SysNative\drivers\rtsuvc.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys ("CyberLink)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140224.001\ex64.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140224.001\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140221.001\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys (Symantec Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {86D30747-F535-48D4-A4AC-4243DD70C9D6}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{86D30747-F535-48D4-A4AC-4243DD70C9D6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{86D30747-F535-48D4-A4AC-4243DD70C9D6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0C773B62-093D-44F8-8F13-947B36B8B483}: "URL" = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{24591C75-48FD-4BE2-AB17-B3CFC64BA98E}: "URL" = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{3617AD44-8BD6-4A3B-A672-90FEA6755465}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{6C6466F3-09E2-4016-8704-FCECFF491466}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{970DB648-0075-4D34-BBAA-B9AC6CA953D6}: "URL" = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{AA48F656-0747-4027-81BA-C264B7F2E9D8}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{DE438EAE-9D84-496F-9225-A7269C9BE602}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{EDA100B9-F2F6-42D5-8681-0F0AE08A3DC8}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2014/02/13 11:22:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn\ [2014/02/25 13:36:53 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.seznam.cz/
CHR - plugin: Error reading preferences file
CHR - Extension: Dokumenty Google = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Seznam Lištička - Email = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig\1.3.13_0\
CHR - Extension: Seznam Lištička - Slovník = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd\1.2.13_0\
CHR - Extension: YouTube = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhledávání Google = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Identity Protection = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.6.4.11_0\
CHR - Extension: Peněženka Google = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Seznam Lištička - Rychlá volba = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak\1.5.14_0\
CHR - Extension: Gmail = C:\Users\Vratislav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/08/22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtsFT] C:\WINDOWS\RTFTrack.exe (Realtek semiconductor)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SACpl.exe (Conexant Systems, Inc.)
O4 - HKLM..\Run: [Intel AppUp(SM) center] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [seznam-listicka-distribuce] C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm®Atheros®)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.255.255.10 10.255.255.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{02916EC1-FFD5-44BC-BBA5-3B062EBF7E89}: DhcpNameServer = 10.255.255.10 10.255.255.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B62CFFF-6F48-4233-934F-32D83F9E6461}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)

[Vratka2CZ]

O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/02/22 21:26:26 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/25 13:39:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Vratislav\Desktop\OTL.exe
[2014/02/24 22:07:46 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\Diagnostics
[2014/02/24 19:01:35 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\gtk-2.0
[2014/02/24 19:01:12 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\.thumbnails
[2014/02/24 18:58:44 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\fontconfig
[2014/02/24 18:58:43 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\gegl-0.2
[2014/02/24 18:58:43 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\.gimp-2.8
[2014/02/24 18:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2014/02/24 16:38:14 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\Desktop\pc-help
[2014/02/23 21:23:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014/02/23 12:32:49 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\ATI
[2014/02/23 12:31:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/02/23 12:28:02 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\BMExplorer
[2014/02/23 00:16:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2014/02/23 00:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2014/02/22 22:11:16 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/02/22 22:02:39 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Malwarebytes
[2014/02/22 22:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/02/22 22:02:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/02/22 22:02:30 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014/02/22 22:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/02/22 21:24:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/02/22 21:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2014/02/22 21:15:38 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Seznam.cz
[2014/02/21 21:43:54 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\GHISLER
[2014/02/20 20:31:09 | 017,858,952 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2014/02/20 19:32:29 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2014/02/20 19:32:21 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\IrfanView
[2014/02/20 19:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2014/02/20 17:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2014/02/20 17:45:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2014/02/20 17:45:52 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Winamp
[2014/02/20 17:45:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2014/02/20 17:44:11 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\WinRAR
[2014/02/20 17:44:10 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/02/20 17:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/02/20 17:43:55 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/02/20 17:39:47 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\Documents\Registry
[2014/02/20 17:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014/02/20 17:38:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/02/20 17:37:00 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Desktop\Programy
[2014/02/19 10:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Energy Management
[2014/02/16 11:26:28 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2014/02/16 11:24:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2014/02/13 22:54:05 | 000,000,000 | ---D | C] -- C:\totalcmd
[2014/02/13 22:54:05 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2014/02/13 22:54:05 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\GHISLER
[2014/02/13 11:39:38 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\vlc
[2014/02/13 11:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/02/13 11:38:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/02/13 11:33:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
[2014/02/13 11:32:47 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\uTorrent
[2014/02/13 11:30:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014/02/13 11:26:45 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\Documents\Symantec
[2014/02/13 11:21:47 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014/02/13 11:21:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014/02/13 11:21:38 | 001,147,480 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymEFA64.sys
[2014/02/13 11:21:38 | 000,858,200 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.sys
[2014/02/13 11:21:38 | 000,590,936 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\symnets.sys
[2014/02/13 11:21:38 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymDS64.sys
[2014/02/13 11:21:38 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtspx64.sys
[2014/02/13 11:21:38 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymELAM.sys
[2014/02/13 11:21:37 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Ironx64.sys
[2014/02/13 11:21:37 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\ccSetx64.sys
[2014/02/13 11:20:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NISx64
[2014/02/13 11:20:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012
[2014/02/13 11:20:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2014/02/13 11:20:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2014/02/13 11:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2014/02/13 11:20:40 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2014/02/13 11:20:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2014/02/13 09:00:33 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Win8StartMenuCustomizer
[2014/02/13 09:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 8 Start Screen Customizer
[2014/02/13 09:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows 8 Start Screen Customizer
[2014/02/12 23:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/02/12 23:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/02/12 23:34:43 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\Google
[2014/02/12 23:27:38 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\LSC
[2014/02/12 23:20:25 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Intel Corporation
[2014/02/12 23:19:36 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\ATI
[2014/02/12 23:19:36 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/02/12 23:19:32 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Lenovo
[2014/02/12 23:19:30 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\Documents\Bluetooth Folder
[2014/02/12 23:19:26 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Atheros
[2014/02/12 23:18:56 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/02/12 23:18:56 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/02/12 23:18:55 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Searches
[2014/02/12 23:18:55 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Contacts
[2014/02/12 23:18:49 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Adobe
[2014/02/12 23:17:55 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\VirtualStore
[2014/02/12 23:17:48 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\Packages
[2014/02/12 23:17:39 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Videos
[2014/02/12 23:17:39 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Saved Games
[2014/02/12 23:17:39 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Pictures
[2014/02/12 23:17:39 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Music
[2014/02/12 23:17:39 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Links
[2014/02/12 23:17:39 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Downloads
[2014/02/12 23:17:39 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Macromedia
[2014/02/12 23:17:39 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2014/02/12 23:14:00 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/02/12 20:25:38 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\PSpad
[2014/02/12 20:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PSPad editor
[2014/02/12 20:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PSPad editor
[2014/02/12 20:24:33 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\Programs
[2014/02/12 18:41:10 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\SkyDrive
[2014/02/12 18:39:09 | 000,036,096 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\SysNative\drivers\amdkmpfd.sys
[2014/02/12 18:38:52 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Identities
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Šablony
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Plocha
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Obrázky
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Nabídka Start
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Hudba
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Filmy
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumenty
[2014/02/12 18:28:18 | 000,000,000 | -HSD | C] -- C:\ProgramData\Data aplikací
[2014/02/12 18:16:20 | 000,000,000 | --SD | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft
[2014/02/12 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/02/12 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Favorites
[2014/02/12 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Documents
[2014/02/12 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\Desktop
[2014/02/12 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/02/12 18:16:20 | 000,000,000 | R--D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\AppData\Local\Temporary Internet Files
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Šablony
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Soubory cookie
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\SendTo
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Poslední
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Okolní tiskárny
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Okolní síť
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Documents\Obrázky
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Nabídka Start
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Local Settings
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Documents\Hudba
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\AppData\Local\History
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Documents\Filmy
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Dokumenty
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\Data aplikací
[2014/02/12 18:16:20 | 000,000,000 | -HSD | C] -- C:\Users\Vratislav\AppData\Local\Data aplikací
[2014/02/12 18:16:20 | 000,000,000 | -H-D | C] -- C:\Users\Vratislav\AppData
[2014/02/12 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\Temp
[2014/02/12 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Local\Microsoft
[2014/02/12 18:16:20 | 000,000,000 | ---D | C] -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/02/12 18:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Conexant
[2014/02/12 18:12:23 | 000,000,000 | ---D | C] -- C:\Program Files\CONEXANT
[2014/02/12 18:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/02/12 18:12:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2014/02/12 18:11:46 | 000,000,000 | ---D | C] -- C:\AMD
[2014/02/12 18:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/02/12 18:11:30 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2014/02/12 18:11:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2014/02/12 18:10:05 | 000,000,000 | -HSD | C] -- C:\Recovery
[2014/02/12 18:09:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2014/02/12 18:07:59 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/02/12 18:07:52 | 000,570,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/02/12 18:07:45 | 000,075,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/02/12 18:07:35 | 001,113,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/02/12 18:07:31 | 000,787,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/02/12 18:07:27 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/02/12 18:07:27 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/02/12 18:07:23 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/02/12 18:07:23 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/02/12 18:07:13 | 003,395,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/02/12 18:07:13 | 000,848,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/02/12 18:07:13 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/02/12 18:07:13 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 18:07:13 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/02/12 18:07:13 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 18:07:13 | 000,174,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/02/12 18:07:13 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/02/12 18:06:29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/02/12 18:06:29 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/02/12 18:06:14 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/02/12 18:06:14 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/02/12 18:06:14 | 000,240,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/02/12 18:05:57 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/02/12 18:05:57 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/12 18:05:57 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/12 18:05:57 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/12 18:05:57 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/12 18:05:57 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/02/12 18:05:57 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/02/12 18:05:57 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/12 18:05:57 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/02/12 18:05:57 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/12 18:05:57 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/12 18:05:57 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/12 18:05:57 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/12 18:05:57 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/12 18:05:57 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/12 18:05:57 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/12 18:05:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/12 18:05:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/12 18:05:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/12 18:05:57 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/12 18:05:57 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/12 18:04:33 | 013,209,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/02/12 18:04:33 | 011,702,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/02/12 18:04:33 | 007,416,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/02/12 18:04:33 | 004,961,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/02/12 18:04:33 | 001,462,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/02/12 18:04:33 | 001,105,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/02/12 18:04:15 | 004,217,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/12 18:04:15 | 002,804,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/02/12 18:04:15 | 000,919,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/02/12 18:04:15 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/02/12 18:04:15 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/02/12 18:04:15 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/02/12 18:04:15 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/02/12 18:04:15 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/12 18:04:15 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/02/12 18:03:47 | 004,604,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/02/12 18:03:47 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/02/12 18:03:09 | 018,577,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/12 18:03:09 | 013,925,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/12 18:03:09 | 003,210,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/12 18:03:09 | 002,804,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/12 18:03:09 | 002,617,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/12 18:03:09 | 002,295,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/12 18:03:09 | 002,142,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/02/12 18:03:09 | 002,131,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/02/12 18:03:09 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/02/12 18:03:09 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/12 18:03:09 | 001,399,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/12 18:03:09 | 001,374,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/12 18:03:09 | 001,371,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/02/12 18:03:09 | 001,227,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/12 18:03:09 | 001,204,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/12 18:03:09 | 000,980,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/12 18:03:09 | 000,809,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/12 18:03:09 | 000,764,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/02/12 18:03:09 | 000,745,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/12 18:03:09 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/12 18:03:09 | 000,669,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/02/12 18:03:09 | 000,663,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/12 18:03:09 | 000,637,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/12 18:03:09 | 000,589,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/12 18:03:09 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/12 18:03:09 | 000,513,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/12 18:03:09 | 000,479,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/12 18:03:09 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/12 18:03:09 | 000,461,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/12 18:03:09 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/12 18:03:09 | 000,336,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/12 18:03:09 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/12 18:03:09 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/12 18:03:09 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/12 18:03:09 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/12 18:03:09 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/12 18:03:09 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/12 18:03:09 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/12 18:03:09 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/12 18:03:09 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/12 18:03:09 | 000,032,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/12 18:03:09 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/12 18:03:09 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/12 18:00:41 | 007,399,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/02/12 18:00:41 | 002,896,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/02/12 18:00:41 | 002,570,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/02/12 18:00:41 | 002,266,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/02/12 18:00:41 | 002,143,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/02/12 18:00:41 | 002,140,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/02/12 18:00:41 | 001,843,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/02/12 18:00:41 | 001,816,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/02/12 18:00:41 | 001,765,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/02/12 18:00:41 | 001,765,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/02/12 18:00:41 | 001,756,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/02/12 18:00:41 | 001,642,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/02/12 18:00:41 | 001,506,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/02/12 18:00:41 | 001,476,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/02/12 18:00:41 | 001,391,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/02/12 18:00:41 | 001,345,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/02/12 18:00:41 | 001,302,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/02/12 18:00:41 | 000,922,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/02/12 18:00:41 | 000,747,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/02/12 18:00:41 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/02/12 18:00:41 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/02/12 18:00:41 | 000,516,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/02/12 18:00:41 | 000,382,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/02/12 18:00:41 | 000,372,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/02/12 18:00:41 | 000,358,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/02/12 18:00:41 | 000,325,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/02/12 18:00:41 | 000,254,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/02/12 18:00:41 | 000,225,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/02/12 18:00:41 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/02/12 18:00:41 | 000,146,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/02/12 18:00:41 | 000,086,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/02/12 18:00:41 | 000,039,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/02/12 18:00:41 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/02/12 18:00:41 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/02/12 17:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2014/02/12 17:57:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2014/02/12 17:56:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\XPSViewer
[2014/02/12 17:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2014/02/12 17:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2014/02/12 17:56:28 | 000,778,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
[2014/02/12 17:56:28 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014/02/12 17:56:28 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014/02/12 17:56:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TsWpfWrp.exe
[2014/02/12 17:56:28 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TsWpfWrp.exe
[2014/02/12 17:56:27 | 001,166,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationNative_v0300.dll

========== Files - Modified Within 30 Days ==========

[2014/02/25 13:43:14 | 001,749,406 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/02/25 13:43:14 | 000,740,962 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2014/02/25 13:43:14 | 000,723,514 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/02/25 13:43:14 | 000,152,146 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2014/02/25 13:43:14 | 000,136,128 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/02/25 13:39:55 | 000,000,974 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/25 13:39:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Vratislav\Desktop\OTL.exe
[2014/02/25 13:38:29 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/25 13:37:21 | 000,000,970 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/25 13:36:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/02/25 13:36:23 | 3323,367,424 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/25 13:35:46 | 000,002,560 | ---- | M] () -- C:\WINDOWS\SysNative\VfService.trf
[2014/02/25 13:31:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/24 20:33:48 | 002,952,993 | ---- | M] () -- C:\Users\Vratislav\Desktop\P2240036.JPG
[2014/02/24 19:10:29 | 000,003,588 | ---- | M] () -- C:\Users\Vratislav\AppData\Local\recently-used.xbel
[2014/02/22 21:26:26 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014/02/22 15:07:31 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/02/21 14:25:55 | 002,122,465 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Cat.DB
[2014/02/20 20:31:09 | 017,858,952 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2014/02/17 22:00:34 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/02/17 22:00:34 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/13 11:21:47 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014/02/13 11:21:47 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014/02/13 11:21:47 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014/02/13 09:11:48 | 000,000,925 | ---- | M] () -- C:\Users\Vratislav\Desktop\Stažené soubory.lnk
[2014/02/13 08:37:30 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/02/12 18:27:39 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2014/02/12 18:27:39 | 000,020,958 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2014/02/12 18:27:26 | 000,022,924 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/02/12 18:23:48 | 001,771,058 | ---- | M] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/02/12 18:20:08 | 000,336,416 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/02/12 18:07:59 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/02/12 18:07:52 | 000,570,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014/02/12 18:07:45 | 000,075,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014/02/12 18:07:35 | 001,113,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/02/12 18:07:31 | 000,787,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014/02/12 18:07:27 | 000,393,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014/02/12 18:07:27 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014/02/12 18:07:23 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcaui.exe
[2014/02/12 18:07:23 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pcaui.exe
[2014/02/12 18:07:13 | 003,395,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014/02/12 18:07:13 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/02/12 18:07:13 | 000,695,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/02/12 18:07:13 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 18:07:13 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014/02/12 18:07:13 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/02/12 18:07:13 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014/02/12 18:07:13 | 000,138,240 | ---- | M] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/02/12 18:07:13 | 000,103,936 | ---- | M] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/12 18:07:13 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSCollect.exe
[2014/02/12 18:06:29 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014/02/12 18:06:29 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014/02/12 18:06:14 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MDMAgent.exe
[2014/02/12 18:06:14 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2014/02/12 18:06:14 | 000,240,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2014/02/12 18:05:57 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/02/12 18:05:57 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/02/12 18:05:57 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/02/12 18:05:57 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/02/12 18:05:57 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/02/12 18:05:57 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/02/12 18:05:57 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/02/12 18:05:57 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/02/12 18:05:57 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/02/12 18:05:57 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/02/12 18:05:57 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/02/12 18:05:57 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/02/12 18:05:57 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/02/12 18:05:57 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/02/12 18:05:57 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/02/12 18:05:57 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/02/12 18:05:57 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/02/12 18:05:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/02/12 18:05:57 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/02/12 18:05:57 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/02/12 18:05:57 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollectorres.dll
[2014/02/12 18:04:33 | 013,209,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/02/12 18:04:33 | 011,702,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/02/12 18:04:33 | 007,416,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/02/12 18:04:33 | 004,961,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/02/12 18:04:33 | 001,462,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/02/12 18:04:33 | 001,105,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/02/12 18:04:33 | 000,009,701 | ---- | M] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/12 18:04:33 | 000,009,701 | ---- | M] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/12 18:04:15 | 004,217,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/02/12 18:04:15 | 002,804,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/02/12 18:04:15 | 000,919,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/02/12 18:04:15 | 000,870,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/02/12 18:04:15 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/02/12 18:04:15 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/02/12 18:04:15 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/02/12 18:04:15 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/02/12 18:04:15 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/02/12 18:03:47 | 004,604,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014/02/12 18:03:47 | 002,397,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/02/12 18:03:09 | 018,577,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/02/12 18:03:09 | 013,925,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/02/12 18:03:09 | 003,210,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2014/02/12 18:03:09 | 002,804,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2014/02/12 18:03:09 | 002,617,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/02/12 18:03:09 | 002,295,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/02/12 18:03:09 | 002,142,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/02/12 18:03:09 | 002,131,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/02/12 18:03:09 | 001,928,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014/02/12 18:03:09 | 001,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/02/12 18:03:09 | 001,399,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014/02/12 18:03:09 | 001,374,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014/02/12 18:03:09 | 001,371,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014/02/12 18:03:09 | 001,227,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/02/12 18:03:09 | 001,204,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014/02/12 18:03:09 | 000,980,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/02/12 18:03:09 | 000,809,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/02/12 18:03:09 | 000,764,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014/02/12 18:03:09 | 000,745,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/02/12 18:03:09 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncCore.dll
[2014/02/12 18:03:09 | 000,669,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014/02/12 18:03:09 | 000,663,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/02/12 18:03:09 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014/02/12 18:03:09 | 000,589,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/02/12 18:03:09 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncCore.dll
[2014/02/12 18:03:09 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/02/12 18:03:09 | 000,479,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014/02/12 18:03:09 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfds.dll
[2014/02/12 18:03:09 | 000,461,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014/02/12 18:03:09 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfds.dll
[2014/02/12 18:03:09 | 000,385,614 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/02/12 18:03:09 | 000,336,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014/02/12 18:03:09 | 000,306,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014/02/12 18:03:09 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/02/12 18:03:09 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014/02/12 18:03:09 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Graphics.dll
[2014/02/12 18:03:09 | 000,263,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/02/12 18:03:09 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Graphics.dll
[2014/02/12 18:03:09 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\deviceregistration.dll
[2014/02/12 18:03:09 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014/02/12 18:03:09 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014/02/12 18:03:09 | 000,032,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ploptin.dll
[2014/02/12 18:03:09 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bi.dll
[2014/02/12 18:03:09 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BtaMPM.sys
[2014/02/12 18:00:41 | 007,399,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/02/12 18:00:41 | 002,896,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014/02/12 18:00:41 | 002,570,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/02/12 18:00:41 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014/02/12 18:00:41 | 002,143,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014/02/12 18:00:41 | 002,140,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014/02/12 18:00:41 | 001,843,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/02/12 18:00:41 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/02/12 18:00:41 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014/02/12 18:00:41 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014/02/12 18:00:41 | 001,756,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPDMC.exe
[2014/02/12 18:00:41 | 001,642,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/02/12 18:00:41 | 001,506,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/02/12 18:00:41 | 001,476,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/02/12 18:00:41 | 001,391,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPDMC.exe
[2014/02/12 18:00:41 | 001,345,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/02/12 18:00:41 | 001,302,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014/02/12 18:00:41 | 000,922,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014/02/12 18:00:41 | 000,747,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcli.dll
[2014/02/12 18:00:41 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014/02/12 18:00:41 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcli.dll
[2014/02/12 18:00:41 | 000,516,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014/02/12 18:00:41 | 000,382,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2014/02/12 18:00:41 | 000,372,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/02/12 18:00:41 | 000,358,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2014/02/12 18:00:41 | 000,325,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014/02/12 18:00:41 | 000,254,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2014/02/12 18:00:41 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2014/02/12 18:00:41 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2014/02/12 18:00:41 | 000,146,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\SerCx2.sys
[2014/02/12 18:00:41 | 000,086,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014/02/12 18:00:41 | 000,039,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2014/02/12 18:00:41 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CredentialMigrationHandler.dll
[2014/02/12 18:00:41 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CredentialMigrationHandler.dll
[2014/02/01 03:13:36 | 000,028,778 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20140131.024

========== Files Created - No Company Name ==========

[Vratka2CZ]

[2014/02/24 20:30:15 | 002,952,993 | ---- | C] () -- C:\Users\Vratislav\Desktop\P2240036.JPG
[2014/02/24 19:10:29 | 000,003,588 | ---- | C] () -- C:\Users\Vratislav\AppData\Local\recently-used.xbel
[2014/02/24 18:57:39 | 000,000,921 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2014/02/22 21:26:26 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014/02/22 15:07:31 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/02/13 19:57:07 | 000,028,778 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\VT20140131.024
[2014/02/13 11:21:50 | 002,122,465 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Cat.DB
[2014/02/13 11:21:47 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014/02/13 11:21:47 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014/02/13 11:21:15 | 000,003,433 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymEFA.inf
[2014/02/13 11:21:15 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymDS.inf
[2014/02/13 11:21:15 | 000,001,440 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymNet.inf
[2014/02/13 11:21:15 | 000,001,437 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.inf
[2014/02/13 11:21:15 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtspx64.inf
[2014/02/13 11:21:15 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\symELAM.inf
[2014/02/13 11:21:15 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\ccSetx64.inf
[2014/02/13 11:21:15 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\Iron.inf
[2014/02/13 11:20:59 | 000,014,818 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymVTcer.dat
[2014/02/13 11:20:59 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymELAM64.cat
[2014/02/13 11:20:59 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\ccSetx64.cat
[2014/02/13 11:20:59 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtspx64.cat
[2014/02/13 11:20:59 | 000,008,194 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymEFA64.cat
[2014/02/13 11:20:59 | 000,008,192 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\symnet64.cat
[2014/02/13 11:20:59 | 000,008,192 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\srtsp64.cat
[2014/02/13 11:20:59 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\SymDS64.cat
[2014/02/13 11:20:59 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\iron.cat
[2014/02/13 11:20:58 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NISx64\1501000.012\isolate.ini
[2014/02/13 09:11:48 | 000,000,925 | ---- | C] () -- C:\Users\Vratislav\Desktop\Stažené soubory.lnk
[2014/02/13 08:57:40 | 000,000,914 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/02/13 08:37:30 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2014/02/12 23:34:55 | 000,000,974 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/12 23:34:53 | 000,000,970 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/12 23:14:02 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014/02/12 23:14:01 | 3323,367,424 | -HS- | C] () -- C:\hiberfil.sys
[2014/02/12 18:38:59 | 000,001,437 | ---- | C] () -- C:\Users\Vratislav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/02/12 18:27:26 | 000,022,924 | ---- | C] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2014/02/12 18:18:31 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/02/12 18:16:12 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2014/02/12 18:16:12 | 000,020,958 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2014/02/12 18:07:13 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014/02/12 18:07:13 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/12 18:04:33 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
[2014/02/12 18:04:33 | 000,009,701 | ---- | C] () -- C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
[2014/02/12 18:03:09 | 000,385,614 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013/12/21 00:02:44 | 000,280,064 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2013/12/21 00:02:40 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2013/12/21 00:02:40 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2013/12/13 10:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013/12/13 10:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013/12/13 10:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013/12/13 10:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013/12/13 10:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013/12/13 10:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013/08/24 10:50:51 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013/08/24 10:46:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013/08/24 10:46:01 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblup.dat
[2013/08/24 10:44:01 | 001,771,058 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/08/22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012/11/27 09:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2012/07/25 21:22:56 | 000,267,284 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng600.bin
[2012/07/25 21:22:54 | 000,963,376 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng600.bin
[2012/06/20 02:52:42 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/02/12 18:03:09 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/02/12 18:03:09 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/02/13 22:55:32 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\GHISLER
[2014/02/20 19:32:21 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\IrfanView
[2014/02/12 23:19:32 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\Lenovo
[2014/02/12 23:27:38 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\LSC
[2014/02/24 15:38:55 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\Seznam.cz
[2014/02/20 17:40:58 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\uTorrent
[2014/02/13 09:00:33 | 000,000,000 | ---D | M] -- C:\Users\Vratislav\AppData\Roaming\Win8StartMenuCustomizer

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\Vratislav\SkyDrive:ms-properties

< End of report >

[Vratka2CZ]

Extras.txt


OTL Extras logfile created on: 25. 2. 2014 13:40:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Vratislav\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,87 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 68,82% Memory free
4,56 Gb Paging File | 3,39 Gb Available in Paging File | 74,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 889,45 Gb Total Space | 858,68 Gb Free Space | 96,54% Space Free | Partition Type: NTFS
Drive D: | 25,00 Gb Total Space | 22,41 Gb Free Space | 89,65% Space Free | Partition Type: NTFS

Computer Name: AMPERCZ | User Name: Vratislav | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1238FEAB-269F-4021-BF4E-9089D877EA8E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1571165E-C57E-4721-B9A3-94CA7D417CF1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{17672DA2-5200-4E0E-892C-BCE60F90E3C4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1EF20325-6A23-4437-8A25-6C28D85EA15A}" = lport=139 | protocol=6 | dir=in | app=system |
"{26293685-A367-404E-82DA-48E960473C06}" = lport=138 | protocol=17 | dir=in | app=system |
"{278B7872-912D-494A-BBCD-4EDE31F0C1B1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2A59AE99-ECCD-4590-A1D5-5ED2768C8DC9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{338BB9FC-107F-4DA9-8CDD-6EF97DD99F5F}" = rport=139 | protocol=6 | dir=out | app=system |
"{3DE0F73E-2C6C-4A08-86ED-18B5D6027983}" = rport=445 | protocol=6 | dir=out | app=system |
"{3F137E9A-EEDC-4880-BD77-7F693FAFA3F9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C21E7F1-B862-4824-8BF8-41274687D46F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{508BE11B-3D7D-4C9D-A65D-B368E58C268F}" = lport=137 | protocol=17 | dir=in | app=system |
"{52CFE679-F9D6-4786-B77F-D2E4203F61F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{5B758D80-D7DD-4D0C-ADBB-D1DCEA61BD3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{637A8269-F21E-4A71-8E0D-D54F4C50CC4E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7D4BCEE6-AF2D-4B8F-91E2-4D265ED58D7A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{81C46992-0873-4D1E-B0C6-6AEF8D7BAB74}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8EB441F8-6E76-4D4E-B77B-03C96CF9F5F4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBEEED26-4900-4DB7-8613-39A86F868F1F}" = rport=137 | protocol=17 | dir=out | app=system |
"{C7436A02-412A-40FF-9B9F-816BD9D6CD8E}" = rport=138 | protocol=17 | dir=out | app=system |
"{F31141DE-DE32-4927-8036-1B6345E0FB6D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00E72DC5-9EA3-466F-88A0-7EF7BF42967D}" = dir=in | name=asphalt 8: airborne |
"{01BC6683-977E-43CB-9F10-85DB9162B965}" = dir=out | name=@{microsoft.bingfinance_3.0.2.229_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{025FA38C-C488-4BBE-BEFA-401ADB9D24E5}" = dir=out | name=juniper networks junos pulse |
"{05FA3098-A9F3-4776-8120-B5C5154EC60B}" = dir=in | name=despicable me: minion rush |
"{0869AB83-77CA-4F40-BF85-909547D8CC2F}" = dir=in | name=powerdvd for lenovo idea |
"{0AA22668-FB19-4442-9270-CE402378CF19}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0BB31D8C-13F2-4213-AA91-8FA3277D7D24}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{0BEEA06B-D282-4A20-B62E-9D14338491A4}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{0CE9526B-1A10-41EF-82A8-CF604667B425}" = dir=out | name=asphalt 8: airborne |
"{0F377C7D-B087-4FF1-8FDC-97064CD4F325}" = dir=out | name=windows_ie_ac_001 |
"{11809BE2-65B4-4E5C-8F1A-2C69F0508DC1}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1717ABF7-C854-457F-99B7-AF8DCAA60357}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{175E09E5-58E0-4792-8E1B-0824E634622B}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{19F94EAD-AEB6-4C77-8CDF-DA8D9370360C}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{1B71E421-47A0-4E2D-850F-3FBFC3F2984D}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{1E0A2EC3-A267-4FED-B397-E42DEFF0EFB1}" = dir=out | name=čt sport |
"{1FBEBC56-7DA7-46AD-819B-3F1D593DDB7E}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{21EE0B0C-C7EB-4EFA-B2BB-66147E92727B}" = dir=in | name=check point vpn |
"{2360028A-6368-4176-A7CE-E57C0C943ECF}" = dir=in | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{237AF887-7708-4527-862B-924000A0F804}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{239BABCE-D641-4E2C-9493-CCD0215C5E6D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{24A3D167-079E-4941-967D-032CDDDC1605}" = dir=out | name=pinball fx2 |
"{259A7518-CB1F-4913-B7D3-07BA416804CA}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{28CC862D-61D0-4A0C-B393-CFBD186CF9DC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2D85B846-CC09-482C-8C1F-C5347FCB5D56}" = dir=out | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{2E4075E7-7E40-46F8-B6B6-FF30CC8EF859}" = dir=out | name=@{microsoft.zunemusic_2.2.550.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{35EBBBD6-9724-476C-A633-DD7DBB468EC9}" = dir=in | name=evernote touch |
"{389ADF7C-244D-4E1F-86BC-A404FF00D58B}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{39A836F4-31C6-4D04-83A6-A3421FB9F6B7}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{39BE001A-4241-49CF-9B05-C5897138807C}" = dir=out | name=windows_ie_ac_001 |
"{3A2031FB-5BA7-477B-9927-D89A7CE5D82F}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3A3A111B-B614-4E5A-A966-A84241E14D6E}" = dir=out | name=lenovo support |
"{3AF77A45-6CA6-4B59-97E0-9E5CA15D0C3E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B7E66FE-B853-4902-A9FD-F0822DB96631}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3C8EDBD4-C723-4BBE-9A9E-E4BBBB0DD918}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{417CD6BC-2926-4E12-947E-415D5C546BE8}" = dir=out | name=play.cz |
"{427D2982-AA13-43EB-A66A-A007DCF83CF7}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{43D4BEE7-A9ED-4053-9275-68160424899C}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{447E68DB-4987-496E-8F4C-3DBEE630FFA5}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{46722337-447E-4DB4-80C6-608BC3B94465}" = dir=in | name=zinio |
"{486972C4-684C-4F92-9E4F-61DEA840454A}" = dir=out | name=f5 vpn |
"{49750072-BCDE-417C-B436-4C601B4899F5}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4A0BECCF-F4C4-43A3-8109-A5DBB113C206}" = dir=out | name=accuweather for windows 8 |
"{4C21C0F7-B55C-4739-9446-3D29C156A948}" = dir=out | name=zinio |
"{4C3C2B34-BCFA-408F-B2DB-04CC16DF8B12}" = dir=out | name=@{microsoft.bingsports_3.0.2.229_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{4F10BA43-7CC7-4C8F-8659-404BE7BC5BFC}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{4FE50C7F-47E4-497D-A391-4B33C3D7B2CF}" = dir=out | name=evernote touch |
"{53DE1EE3-C18D-4FC8-A917-692F698A62CE}" = dir=in | app=c:\program files (x86)\lenovo\powerdvd10\powerdvd10.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5AAAB571-AA7E-48A5-9B53-B124D568DBDB}" = dir=out | name=@{microsoft.bingnews_3.0.2.229_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{5F01131D-5234-4BDC-9B55-12DBDEB8D6B7}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{5F411D38-2A93-483B-B39F-A58FC49D99AC}" = dir=in | name=@{filmonlivetvfree.filmonlivetvfree_1.3.6.115_x64__zx03kxexxb716?ms-resource://filmonlivetvfree.filmonlivetvfree/whitelabel/app-name} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6413C7ED-AFBA-4A13-AE2D-4EF681B46D47}" = dir=out | name=skype |
"{66728DCB-612F-409E-9934-C89169FA5A7D}" = dir=out | name=@{microsoft.bingtravel_3.0.2.229_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{66EFC690-5631-44A1-A4E3-6F97074A7BB7}" = dir=in | name=skype |
"{6919AFF5-6AD9-4ADB-9EBF-4701FDFB2859}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6EE3910F-E114-493C-8E70-E9A09E3740BA}" = dir=out | name=deník.cz |
"{6F431FE7-E8B7-42B8-91BE-C21F557B199D}" = dir=out | name=winter olympics medals 2014 |
"{705D45E7-44A0-443A-9E97-1110239C65E1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{7281DA3C-29B3-48D8-A313-04892A106247}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{73C748EE-6FBB-49FA-B3E6-567DD5D5C39E}" = dir=out | name=windows_ie_ac_001 |
"{74701EED-0F4F-478F-80BD-26084342FF2F}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{75243E04-CD5E-414F-AB84-E0F2F1F5BCA6}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.2.229_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{778ADF4B-90D4-4E23-8B33-56D967941927}" = dir=out | name=f1-live |
"{795C37B9-FCB3-4F6B-BE2A-DCC94AB2E314}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7A9AE205-EBB2-4AB2-ACE6-091A05FF15C8}" = dir=out | name=prima play |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{82651B12-8E7A-441E-9D64-A4505C73F44D}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{88544D84-DAAD-4F92-AAB6-C10B17AECBA8}" = dir=in | name=microsoft solitaire collection |
"{8975B795-100C-46A9-A9F9-40F6D98B6989}" = dir=out | name=instagram explorer |
"{8AD54AA0-63BC-4451-9DF0-12F23BFBDC5B}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{8C46FB72-EBED-48F2-9D2A-53FEE1F1B5B7}" = dir=out | name=powerdvd for lenovo idea |
"{90B6545B-8712-414F-A189-DABF21E78A8A}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F88F528-4776-4568-B341-CB72ABA80AC0}" = dir=in | name=pinball fx2 |
"{A03A5FC0-9B9D-47A0-B7F8-663D06D27A2D}" = dir=out | name=česká rádia |
"{A1F8006E-F2F0-4314-8DE8-13837C71D540}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{A527645C-EA89-43F3-A294-F1FFD74AF7E2}" = dir=out | name=@{12199asparion.asparionclock_3.3.1.49_neutral__f89vgcf3qm37t?ms-resource://12199asparion.asparionclock/resources/sstorename} |
"{A5874D3A-19EE-4AF5-A4C6-66BADF867B23}" = protocol=6 | dir=out | app=system |
"{A8622432-B4A6-417C-853A-62DB554D8136}" = dir=in | name=juniper networks junos pulse |
"{A89678D2-2687-4E17-9AB5-CC39A0D674CA}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AB0E99F6-11EB-4247-92B7-63D38F156694}" = dir=out | name=@{microsoft.bingweather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{ABCCCCE3-216B-438D-81CF-F1D7C8262768}" = dir=in | name=f5 vpn |
"{AD06E0F0-A375-447B-B190-379C6199E359}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AF5E3F4B-6DB1-466F-81E7-24F3FA13FE76}" = dir=out | name=sonicwall mobile connect |
"{AFB32A8F-CF15-4AE1-8456-1EBAC2E13FDC}" = dir=out | name=world clock - time zones |
"{B3B22AA9-7452-4A4A-8DB6-EBA8B1586421}" = dir=out | name=lenovo companion |
"{B6C52686-BFC7-4988-A771-A23B733C270C}" = dir=out | name=mcafee® central for lenovo |
"{BE92DA8E-9429-4BCB-8B58-8473B1F84A4A}" = dir=in | name=sonicwall mobile connect |
"{C43646F9-969B-4EB0-B7E1-F6C4AA788EB2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD156641-D5C9-4A22-8B74-1C88AD7FE0AE}" = dir=in | name=mcafee® central for lenovo |
"{CD56703B-AB6B-4463-9D05-EBDEAB6D6768}" = dir=in | name=push hockey |
"{D1B4872A-31BD-4E1A-B00D-B67ECEB430D2}" = dir=out | name=check point vpn |
"{D415DD49-0871-4395-8E27-E3DA23FE4198}" = dir=out | name=ivysílání |
"{D5EF3232-450E-46BC-9E0D-5FE59FA3475A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DA0BB515-6DF3-43CC-BCD4-3011D87B8C89}" = dir=out | name=@{microsoft.bingmaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DB0D5306-B5D3-467F-B89B-545010C6BA0C}" = dir=out | name=lenovo cloud storage by sugarsync |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC6160AE-B261-4B55-97E6-2D05C1DA2B26}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DF895A8B-11FC-41DD-831B-A233AC4C2DD9}" = dir=out | name=@{microsoft.zunemusic_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E8350B8C-CD62-4D96-A84C-577F1BB20D61}" = dir=out | name=@{microsoft.zunevideo_2.2.550.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{E87735DA-9D63-41BD-B09E-B1F0B1E56CCD}" = dir=out | name=push hockey |
"{E9A34F2D-F40C-4C80-BFED-8BEA27B73B8E}" = dir=out | name=despicable me: minion rush |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE116234-72B8-4A32-BD53-F1625E5D7856}" = dir=out | name=microsoft solitaire collection |
"{EF636F5E-66EE-4009-88C7-11A2C57C5F18}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.2.230_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{EFB4687F-88E4-4DC6-8C99-F86E8B9B2B21}" = dir=out | name=@{microsoft.skypeapp_1.2.0.129_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F95D9FCA-5D91-4385-9D5D-393B23E7D205}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC6A5939-FF0F-4B1E-A3F6-E336AEF2D344}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FFB1649B-A3C7-4F36-9209-796A22DEBB0E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{205E0849-EBC1-59B1-E47F-BF00D985FE7D}" = AMD Catalyst Install Manager
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{67C5B1A5-0FEE-99A0-9327-7C9891C2A933}" = AMD Accelerated Video Transcoding
"{7629623D-F0D0-4AC6-A763-FBE06ED8288C}" = Intel(R) Rapid Storage Technology
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{EB21D768-6094-4F99-EBD1-2B427E956BBD}" = ccc-utility64
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F02F4A8B-1A5F-45B8-9B74-AAF21A2B1BCC}" = Lenovo Solution Center
"71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42" = Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)
"8A223E56FB1ED4F697B54E5BF96F1EB63B512684" = Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CPUID HWMonitor_is1" = CPUID HWMonitor 1.24
"Elantech" = Lenovo pointing device
"GIMP-2_is1" = GIMP 2.8.10
"Lenovo VeriFace" = Lenovo VeriFace
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"WinRAR archiver" = WinRAR 4.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"{03B79DEB-CED4-D03C-BDA9-03B61C22148F}" = CCC Help Greek
"{05D7D5A6-BB96-508A-975C-DC385E85BB87}" = CCC Help German
"{0601E632-C755-D1EA-6C9A-A769217BC054}" = CCC Help Polish
"{06C01D51-9F4F-8B69-0D6F-A78497480492}" = CCC Help Chinese Traditional
"{08988F3D-A2E5-B045-4650-B488CA5E254C}" = CCC Help Norwegian
"{0CBC1600-74DC-961B-E97E-4CC7E452CD1A}" = PX Profile Update
"{0CDE77F4-721C-E4E3-DFA4-61E19D838573}" = CCC Help Hungarian
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{1914F09B-F5FC-0655-585A-741C74EDC9E9}" = CCC Help Russian
"{1CC46F43-9F3F-6184-4B75-53D3C22DFEA7}" = CCC Help Danish
"{1E496A68-4943-424E-829D-5C3C85B7B8F2}" = Realtek USB Card Reader
"{20410976-63E9-641E-5185-858D0CB1A292}" = CCC Help Italian
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4768577A-704E-004A-909D-7666E57FA93D}" = Catalyst Control Center Graphics Previews Common
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{62C1C424-3CCE-70F8-5FA6-642F6B616C49}" = CCC Help Spanish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6F15F6C2-55D6-2E61-E0CD-21E920115917}" = CCC Help Korean
"{740E5D4E-5A35-930B-B841-D0DA68427A86}" = Catalyst Control Center InstallProxy
"{7CBFA768-42C4-D088-15E3-576F0464E939}" = CCC Help Finnish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84278384-D499-9C95-05D9-01B685CC5B11}" = CCC Help English
"{8E766F50-BE9E-2DEC-192A-D3F498A80296}" = CCC Help Swedish
"{8EBA9661-9B47-831B-C251-C49E3FA65A3F}" = Catalyst Control Center Localization All
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A27F26F4-A35C-525A-1134-8C003FDC2F85}" = CCC Help Turkish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BA29C872-F6E0-6D8C-E616-84B3D8845B70}" = CCC Help Czech
"{BD1A7A5F-95B4-1F5F-5BD0-5F1C54474861}" = Catalyst Control Center
"{C3A8A45B-41D2-7DB5-B326-B0B5A09ABED4}" = CCC Help Chinese Standard
"{C535BBC2-10C9-C7E9-9004-100A1D12A363}" = CCC Help Japanese
"{C89A97B6-F991-EBB5-77B7-927BCF420EBE}" = OEM Application Profile
"{C949C178-9F63-458F-A76C-C0AA14B92C5F}_is1" = Windows 8 Start Screen Customizer version 1.4.09
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D2C8A37B-D314-7D0A-904A-395D52179C34}" = Catalyst Control Center - Branding
"{DCA41E4A-E631-E7B1-5594-37D96076E193}" = Catalyst Control Center Profiles Mobile
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}" = Lenovo EasyCamera
"{E282A9E2-B874-2988-1FAE-81A160DBEE3E}" = CCC Help Portuguese
"{E5C0929F-212E-83EA-FE40-5E3017E807DF}" = CCC Help Thai
"{E808BE53-CA28-5F4D-87E7-E0943A5B232C}" = CCC Help Dutch
"{F02E01FE-F622-C61F-393C-41EFDC987A82}" = CCC Help French
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = Lenovo YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = Lenovo PowerDVD10
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Intel AppUp(SM) center 33057" = Intel AppUp(SM) center
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"NIS" = Norton Internet Security
"PSPad editor_is1" = PSPad editor
"SugarSync" = SugarSync Manager
"uTorrent" = µTorrent
"VLC media player" = VLC media player 2.1.3
"Winamp" = Winamp

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 25. 2. 2014 8:37:11 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:11 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:11 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:11 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:39 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Calendar
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:39 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:39 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:39 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:39 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 25. 2. 2014 8:37:39 | Computer Name = AmperCZ | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1
se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

[ System Events ]
Error - 25. 2. 2014 8:37:07 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:07 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:08 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:08 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:34 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:34 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:34 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:34 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:35 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =

Error - 25. 2. 2014 8:37:35 | Computer Name = AmperCZ | Source = DCOM | ID = 10010
Description =


< End of report >

[jaro3]

Odinstaluj_
Seznam Lištička
Seznam.cz

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {86D30747-F535-48D4-A4AC-4243DD70C9D6}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{86D30747-F535-48D4-A4AC-4243DD70C9D6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{86D30747-F535-48D4-A4AC-4243DD70C9D6}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0C773B62-093D-44F8-8F13-947B36B8B483}: "URL" = http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{24591C75-48FD-4BE2-AB17-B3CFC64BA98E}: "URL" = http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{3617AD44-8BD6-4A3B-A672-90FEA6755465}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{6C6466F3-09E2-4016-8704-FCECFF491466}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{970DB648-0075-4D34-BBAA-B9AC6CA953D6}: "URL" = http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{AA48F656-0747-4027-81BA-C264B7F2E9D8}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{DE438EAE-9D84-496F-9225-A7269C9BE602}: "URL" = http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\..\SearchScopes\{EDA100B9-F2F6-42D5-8681-0F0AE08A3DC8}: "URL" = http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp
C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms
C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms
C:\WINDOWS\SysNative\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
C:\WINDOWS\ativpsrm.bin

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
C:\WINDOWS\SysNative\VfService.trf

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

[Vratka2CZ]

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service esgiguard stopped successfully!
Service esgiguard deleted successfully!
File C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86D30747-F535-48D4-A4AC-4243DD70C9D6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D30747-F535-48D4-A4AC-4243DD70C9D6}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{86D30747-F535-48D4-A4AC-4243DD70C9D6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86D30747-F535-48D4-A4AC-4243DD70C9D6}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0C773B62-093D-44F8-8F13-947B36B8B483}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C773B62-093D-44F8-8F13-947B36B8B483}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{24591C75-48FD-4BE2-AB17-B3CFC64BA98E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{24591C75-48FD-4BE2-AB17-B3CFC64BA98E}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3617AD44-8BD6-4A3B-A672-90FEA6755465}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3617AD44-8BD6-4A3B-A672-90FEA6755465}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6C6466F3-09E2-4016-8704-FCECFF491466}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6C6466F3-09E2-4016-8704-FCECFF491466}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{970DB648-0075-4D34-BBAA-B9AC6CA953D6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{970DB648-0075-4D34-BBAA-B9AC6CA953D6}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA48F656-0747-4027-81BA-C264B7F2E9D8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA48F656-0747-4027-81BA-C264B7F2E9D8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DE438EAE-9D84-496F-9225-A7269C9BE602}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE438EAE-9D84-496F-9225-A7269C9BE602}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EDA100B9-F2F6-42D5-8681-0F0AE08A3DC8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDA100B9-F2F6-42D5-8681-0F0AE08A3DC8}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableCAD deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File move failed. C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysNative\ApnDatabase.xml scheduled to be moved on reboot.
File move failed. C:\ProgramData\DP45977C.lfl scheduled to be moved on reboot.
C:\WINDOWS\ativpsrm.bin moved successfully.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default.migrated

User: Public

User: Vratislav
->Temp folder emptied: 3693917 bytes
->Temporary Internet Files folder emptied: 9056073 bytes
->Google Chrome cache emptied: 356789275 bytes
->Flash cache emptied: 343 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10769932 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 363,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02262014_143644

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\SysWow64\connectedsearch-results.searchconnector-ms scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysNative\connectedsearch-results.searchconnector-ms scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SysNative\ApnDatabase.xml scheduled to be moved on reboot.
C:\ProgramData\DP45977C.lfl moved successfully.
C:\Users\Vratislav\AppData\Local\Microsoft\Windows\INetCache\Low\SuggestedSites.dat moved successfully.
C:\Users\Vratislav\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Vratka2CZ]

Ten soubor když si ho dám do vyhledávání v PC tak mi ho najde, ale když ho chci vybrat v tom virustotal.com tak tam vůbec není..

[jaro3]

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

tohle sis nastavil?

Pokud ho vidíš , zkopíruj si soubor třeba na plochu a z tohoto umístění zkus VT znovu.

[Vratka2CZ]

Ano nastavil, zkusim to tedy překopírovat na plochu..

PS: jestli myslíte tento odkaz? https://www.virustotal.com/cs/file/de1285ea6b3d5e79ce9c74c0bb6bed73e9d3c4b0e56aceb9103ed18eec309af7/analysis/1393602108/

[jaro3]

Ok.

Spusť OTL a klikni na Vyčisti.

Co problémy?