Pomalý PC

Zpráva

031adam031 · #16 Příspěvek od **031adam031** » 28 pro 2013 20:59

ComboFix 13-12-26.01 - Logic PC . 12. 2013 20:45:21.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4079.2657 [GMT 1:00]
Running from: c:\users\Logic PC\Desktop\ComboFix.exe
Command switches used :: c:\users\Logic PC\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
SP: ESET NOD32 Antivirus 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$AVG-SHREDDER-TMP-4027486f-393b-4311-a5b1-b2767e606368
c:\program files (x86)\VLC Player GPU+
c:\program files (x86)\VLC Player GPU+\deinstaller.exe
c:\program files (x86)\VLC Player GPU+\diablo130302.cl
c:\program files (x86)\VLC Player GPU+\diakgcn121016.cl
c:\program files (x86)\VLC Player GPU+\GPUMonitor.exe
c:\program files (x86)\VLC Player GPU+\Installer.exe
c:\program files (x86)\VLC Player GPU+\libcurl.dll
c:\program files (x86)\VLC Player GPU+\libeay32.dll
c:\program files (x86)\VLC Player GPU+\libidn-11.dll
c:\program files (x86)\VLC Player GPU+\libpdcurses.dll
c:\program files (x86)\VLC Player GPU+\lua5.1.dll
c:\program files (x86)\VLC Player GPU+\OpenCL.dll
c:\program files (x86)\VLC Player GPU+\path.inf
c:\program files (x86)\VLC Player GPU+\phatk121016.cl
c:\program files (x86)\VLC Player GPU+\poclbm130302.cl
c:\program files (x86)\VLC Player GPU+\pthreadGC2.dll
c:\program files (x86)\VLC Player GPU+\README
c:\program files (x86)\VLC Player GPU+\scrypt130302.cl
c:\program files (x86)\VLC Player GPU+\ssleay32.dll
c:\program files (x86)\VLC Player GPU+\uninstall.exe
c:\program files (x86)\VLC Player GPU+\Uninstall\IRIMG1.JPG
c:\program files (x86)\VLC Player GPU+\Uninstall\IRIMG2.JPG
c:\program files (x86)\VLC Player GPU+\Uninstall\uninstall.dat
c:\program files (x86)\VLC Player GPU+\Uninstall\uninstall.xml
c:\program files (x86)\VLC Player GPU+\zlib1.dll
c:\programdata\AVG2014
c:\programdata\AVG2014\$AVG\$VAULT\vault.db
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Skype C2C Service
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Files Created from 2013-11-28 to 2013-12-28 )))))))))))))))))))))))))))))))
.
.
2013-12-27 12:03 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5903F4CC-1D23-47DE-96F8-BA7924C4396A}\mpengine.dll
2013-12-27 11:09 . 2013-12-27 11:09 -------- d-----w- c:\program files (x86)\Aerosoft
2013-12-27 10:35 . 2013-12-27 10:36 -------- d-----w- C:\AdwCleaner
2013-12-26 16:23 . 2013-12-26 16:23 -------- d-----w- c:\users\Logic PC\AppData\Roaming\Malwarebytes
2013-12-26 16:23 . 2013-12-26 16:23 -------- d-----w- c:\programdata\Malwarebytes
2013-12-25 20:57 . 2013-12-25 20:58 -------- d-----w- c:\program files\trend micro
2013-12-25 20:57 . 2013-12-25 20:57 -------- d-----w- C:\rsit
2013-12-25 18:02 . 2013-12-25 18:02 -------- d-----w- c:\users\Logic PC\AppData\Local\ESET
2013-12-25 16:38 . 2013-12-25 16:38 -------- d-----w- c:\program files\ESET
2013-12-25 15:41 . 2013-12-25 15:41 -------- d-----w- c:\users\Logic PC\AppData\Roaming\Image-Line
2013-12-25 15:41 . 2013-12-25 15:41 -------- d-----w- c:\program files\Image-Line
2013-12-25 15:40 . 2013-12-25 15:40 -------- d-----w- c:\users\Logic PC\AppData\Roaming\FlowStone
2013-12-25 15:40 . 2013-12-25 15:40 -------- d-----w- c:\program files (x86)\DSPRobotics
2013-12-25 15:38 . 2013-12-25 15:38 -------- d-----w- C:\flstudio
2013-12-24 21:49 . 2013-12-25 15:41 -------- d-----w- c:\program files (x86)\Image-Line
2013-12-23 10:27 . 2013-12-24 22:12 -------- d-----w- c:\programdata\saviinshop
2013-12-23 10:27 . 2013-12-23 10:27 -------- d-----w- c:\programdata\1b13b76c6d07173b
2013-12-23 10:27 . 2013-12-24 22:11 -------- d-----w- c:\programdata\downloaduitkeep
2013-12-22 23:40 . 2013-12-23 00:40 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ
2013-12-20 18:18 . 2013-12-26 17:26 -------- d-----w- c:\program files (x86)\Seznam.cz
2013-12-20 18:18 . 2013-12-26 17:26 -------- d-----w- c:\users\Logic PC\AppData\Roaming\Seznam.cz
2013-12-20 18:18 . 2013-12-20 18:18 -------- d-----w- C:\totalcmd
2013-12-13 10:33 . 2013-12-13 10:33 -------- d-s---w- c:\windows\SysWow64\Microsoft
2013-12-13 10:18 . 2013-12-13 10:18 -------- d-----w- c:\users\Logic PC\AppData\Roaming\AVAST Software
2013-12-13 10:06 . 2013-10-31 06:46 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-12-13 10:06 . 2013-12-13 10:10 447888 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2013-12-12 21:27 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 21:27 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 21:27 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2013-12-12 21:27 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2013-12-12 21:27 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2013-12-12 18:54 . 2013-12-18 14:03 -------- d-----w- c:\program files (x86)\Valve
2013-12-12 18:47 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2013-12-12 18:47 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2013-12-12 18:47 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2013-12-12 18:47 . 2013-12-12 18:47 -------- d-----w- C:\Riot Games
2013-12-12 17:37 . 2013-12-12 17:37 -------- d-----w- c:\users\Logic PC\AppData\Local\Daring_Development_Inc
2013-12-05 16:19 . 2013-12-05 16:19 -------- d-----w- c:\program files\CCleaner
2013-12-03 16:23 . 2013-12-03 16:23 -------- d-----w- c:\users\Logic PC\AppData\Local\Macromedia
2013-12-03 16:22 . 2013-12-03 16:22 -------- d-----w- c:\programdata\McAfee
2013-12-03 16:14 . 2013-12-03 16:21 -------- d-----w- c:\users\Logic PC\AppData\Local\Mozilla
2013-11-30 14:00 . 2013-12-24 22:10 -------- d-----w- c:\program files (x86)\Shopping Suggestion
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-14 23:20 . 2013-08-12 11:27 90708896 ----a-w- c:\windows\system32\MRT.exe
2013-12-13 10:10 . 2013-08-19 11:12 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-12-13 10:05 . 2013-08-19 15:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-13 10:05 . 2013-08-19 15:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-11-26 17:28 . 2013-11-26 17:28 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:28 . 2013-11-26 17:28 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-26 17:28 . 2013-11-26 17:28 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-26 17:28 . 2013-11-26 17:28 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-26 17:28 . 2013-11-26 17:28 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-26 17:28 . 2013-11-26 17:28 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-26 17:28 . 2013-11-26 17:28 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-26 17:28 . 2013-11-26 17:28 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-26 17:28 . 2013-11-26 17:28 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-11-26 17:28 . 2013-11-26 17:28 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-11-26 17:28 . 2013-11-26 17:28 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-26 17:28 . 2013-11-26 17:28 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-11-26 17:28 . 2013-11-26 17:28 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-26 17:28 . 2013-11-26 17:28 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-26 17:28 . 2013-11-26 17:28 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-26 17:28 . 2013-11-26 17:28 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-26 17:28 . 2013-11-26 17:28 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-26 17:28 . 2013-11-26 17:28 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-26 17:28 . 2013-11-26 17:28 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-26 17:28 . 2013-11-26 17:28 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-26 17:28 . 2013-11-26 17:28 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-26 17:28 . 2013-11-26 17:28 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-11-26 17:28 . 2013-11-26 17:28 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-26 17:28 . 2013-11-26 17:28 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-26 17:28 . 2013-11-26 17:28 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-26 17:28 . 2013-11-26 17:28 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-26 17:28 . 2013-11-26 17:28 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:28 . 2013-11-26 17:28 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-26 17:28 . 2013-11-26 17:28 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-26 17:28 . 2013-11-26 17:28 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-26 17:28 . 2013-11-26 17:28 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-26 17:28 . 2013-11-26 17:28 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-26 17:28 . 2013-11-26 17:28 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-11-26 17:28 . 2013-11-26 17:28 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-26 17:28 . 2013-11-26 17:28 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-26 17:28 . 2013-11-26 17:28 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-11-26 17:28 . 2013-11-26 17:28 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-26 17:28 . 2013-11-26 17:28 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-26 17:28 . 2013-11-26 17:28 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-26 17:28 . 2013-11-26 17:28 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-26 17:28 . 2013-11-26 17:28 413696 ----a-w- c:\windows\system32\html.iec
2013-11-26 17:28 . 2013-11-26 17:28 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:28 . 2013-11-26 17:28 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-26 17:28 . 2013-11-26 17:28 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-26 17:28 . 2013-11-26 17:28 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-26 17:28 . 2013-11-26 17:28 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-26 17:28 . 2013-11-26 17:28 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-26 17:28 . 2013-11-26 17:28 235520 ----a-w- c:\windows\system32\url.dll
2013-11-26 17:28 . 2013-11-26 17:28 195584 ----a-w- c:\windows\system32\msrating.dll
2013-11-26 17:28 . 2013-11-26 17:28 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-26 17:28 . 2013-11-26 17:28 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-26 17:28 . 2013-11-26 17:28 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-26 17:28 . 2013-11-26 17:28 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-26 17:28 . 2013-11-26 17:28 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-26 17:28 . 2013-11-26 17:28 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-26 17:28 . 2013-11-26 17:28 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-26 17:28 . 2013-11-26 17:28 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-26 17:28 . 2013-11-26 17:28 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-26 17:28 . 2013-11-26 17:28 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:25 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-10-31 16:19 . 2013-09-21 14:16 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-10-31 09:53 . 2013-09-21 13:46 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-10-14 17:00 . 2013-11-26 17:31 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-12 02:30 . 2013-11-13 13:14 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-10-12 02:29 . 2013-11-13 13:14 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-12 02:29 . 2013-11-13 13:14 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-10-12 02:03 . 2013-11-13 13:14 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01 . 2013-11-13 13:14 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-10-05 20:25 . 2013-11-13 13:14 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-10-05 19:57 . 2013-11-13 13:14 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-10-04 02:28 . 2013-11-13 13:14 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 02:25 . 2013-11-13 13:14 197120 ----a-w- c:\windows\system32\credui.dll
2013-10-04 02:24 . 2013-11-13 13:14 1930752 ----a-w- c:\windows\system32\authui.dll
2013-10-04 01:58 . 2013-11-13 13:14 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-13 13:14 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-10-04 01:56 . 2013-11-13 13:14 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-10-03 02:23 . 2013-11-13 13:14 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-10-03 02:00 . 2013-11-13 13:14 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-24 5199984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2013-09-12 5618456]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.sk/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
FF - ProfilePath - c:\users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\
FF - ExtSQL: 2013-12-03 17:16; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{434D452D-5637-006A-76A7-7A786E7484D7} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-BetterSurf Plus V1 - c:\program files (x86)\BetterSurf\BetterSurfPlusV1\uninstall.exe
AddRemove-VLC Player GPU+11.041.44 - c:\program files (x86)\VLC Player GPU+\uninstall.exe
AddRemove-Webexp Enhanced - c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\uninstall.exe
AddRemove-{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568} - c:\programdata\downloaduitkeep\sqTwSgf.exe
AddRemove-{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} - c:\programdata\SaveNshare.\y93.exe
AddRemove-{70BD2558-27DA-8B02-02D0-D8704ECD2EDF} - c:\programdata\saviinshop\MFVU.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Completion time: 2013-12-28 20:54:56 - machine was rebooted
ComboFix-quarantined-files.txt 2013-12-28 19:54
ComboFix2.txt 2013-12-28 18:08
.
Pre-Run: 99 589 259 264 bytes free
Post-Run: 99 277 627 392 bytes free
.
- - End Of File - - 63A74530952E64B1E578B7FA8BA443A3
A36C5E4F47E84449FF07ED3517B43A31

#17 Příspěvek od **Márty84** » 28 pro 2013 21:58

Dejte novy log z RSIT

031adam031 · #18 Příspěvek od **031adam031** » 28 pro 2013 22:22

Logfile of random's system information tool 1.09 (written by random/random)
Run by Logic PC at 2013-12-28 22:22:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 95 GB (32%) free of 300 GB
Total RAM: 4079 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:22:18, on 28. 12. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Logic PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} (UnityWebPlayer Control) - http://webplayer.unity3d.com/download_w ... Player.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6289 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1872
C:\Windows\system32\SearchIndexer.exe /Embedding
taskeng.exe {08F5978E-8FD6-4102-BB0C-B5B87E3D9647}
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\explorer.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\Logic PC\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Logic PC\AppData\Roaming\Mozilla\Firefox\Profiles\ex0rp68p.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2013-09-12 5618456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-24 5199984]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-09-28 642728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-12-28 20:55:00 ----D---- C:\Windows\temp
2013-12-28 20:54:57 ----A---- C:\ComboFix.txt
2013-12-28 20:51:07 ----D---- C:\$RECYCLE.BIN
2013-12-28 19:01:16 ----A---- C:\Windows\zip.exe
2013-12-28 19:01:16 ----A---- C:\Windows\SWSC.exe
2013-12-28 19:01:16 ----A---- C:\Windows\SWREG.exe
2013-12-28 19:01:16 ----A---- C:\Windows\sed.exe
2013-12-28 19:01:16 ----A---- C:\Windows\PEV.exe
2013-12-28 19:01:16 ----A---- C:\Windows\NIRCMD.exe
2013-12-28 19:01:16 ----A---- C:\Windows\MBR.exe
2013-12-28 19:01:16 ----A---- C:\Windows\grep.exe
2013-12-28 19:00:51 ----D---- C:\Qoobox
2013-12-28 19:00:37 ----D---- C:\Windows\erdnt
2013-12-27 12:09:37 ----D---- C:\Program Files (x86)\Aerosoft
2013-12-27 11:35:51 ----D---- C:\AdwCleaner
2013-12-26 17:23:10 ----D---- C:\Users\Logic PC\AppData\Roaming\Malwarebytes
2013-12-26 17:23:03 ----D---- C:\ProgramData\Malwarebytes
2013-12-25 21:57:52 ----D---- C:\Program Files\trend micro
2013-12-25 21:57:51 ----D---- C:\rsit
2013-12-25 17:38:15 ----D---- C:\ProgramData\ESET
2013-12-25 17:38:15 ----D---- C:\Program Files\ESET
2013-12-25 16:41:51 ----D---- C:\ProgramData\Real
2013-12-25 16:41:10 ----D---- C:\Users\Logic PC\AppData\Roaming\Image-Line
2013-12-25 16:41:09 ----D---- C:\Program Files\Image-Line
2013-12-25 16:40:54 ----D---- C:\Users\Logic PC\AppData\Roaming\FlowStone
2013-12-25 16:40:54 ----D---- C:\Program Files (x86)\DSPRobotics
2013-12-25 16:38:39 ----D---- C:\flstudio
2013-12-24 22:49:49 ----D---- C:\Program Files (x86)\Image-Line
2013-12-23 11:27:24 ----D---- C:\ProgramData\saviinshop
2013-12-23 11:27:17 ----D---- C:\ProgramData\1b13b76c6d07173b
2013-12-23 11:27:16 ----D---- C:\ProgramData\downloaduitkeep
2013-12-23 11:05:43 ----A---- C:\Windows\system32\FNTCACHE.DAT
2013-12-23 00:40:01 ----AD---- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ
2013-12-20 19:18:55 ----D---- C:\Program Files (x86)\Seznam.cz
2013-12-20 19:18:31 ----D---- C:\Users\Logic PC\AppData\Roaming\Seznam.cz
2013-12-20 19:18:25 ----D---- C:\totalcmd
2013-12-13 11:33:57 ----SD---- C:\Windows\SYSWOW64\Microsoft
2013-12-13 11:18:32 ----D---- C:\Users\Logic PC\AppData\Roaming\AVAST Software
2013-12-13 11:06:35 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-12-13 11:06:32 ----A---- C:\Windows\system32\drivers\aswNdisFlt.sys
2013-12-12 22:27:21 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 22:27:21 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 22:27:20 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 22:27:19 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 22:25:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 22:25:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 22:25:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 22:25:54 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 22:25:54 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 22:25:53 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 22:25:53 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 22:25:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 22:25:53 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 22:25:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 22:25:52 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 22:25:52 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 22:25:51 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 22:25:51 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 22:25:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 22:25:50 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 22:25:50 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 22:25:50 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 22:25:49 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 22:25:49 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 22:25:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 22:25:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 22:25:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 22:25:46 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 19:54:27 ----D---- C:\Program Files (x86)\Valve
2013-12-12 19:47:36 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-12-12 19:47:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-12-12 19:47:35 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-12-12 19:47:12 ----D---- C:\Riot Games
2013-12-12 14:32:33 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 14:32:33 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 14:32:30 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 14:32:30 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 14:32:30 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 14:32:28 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 14:32:28 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 14:32:27 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 14:32:27 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 14:32:25 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 14:32:25 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 14:32:04 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 14:32:03 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 14:32:03 ----A---- C:\Windows\system32\scrrun.dll
2013-12-05 17:19:29 ----D---- C:\Program Files\CCleaner
2013-12-03 17:22:01 ----D---- C:\ProgramData\McAfee
2013-11-30 15:00:13 ----D---- C:\Program Files (x86)\Shopping Suggestion

======List of files/folders modified in the last 1 month======

2013-12-28 22:19:58 ----D---- C:\ProgramData\PMB Files
2013-12-28 20:55:01 ----D---- C:\Windows\system32\drivers
2013-12-28 20:55:00 ----D---- C:\Windows
2013-12-28 20:54:48 ----D---- C:\Windows\system32\config
2013-12-28 20:52:50 ----A---- C:\Windows\SYSWOW64\log.txt
2013-12-28 20:51:09 ----A---- C:\Windows\system.ini
2013-12-28 20:51:04 ----D---- C:\Windows\system32\drivers\etc
2013-12-28 20:48:54 ----RD---- C:\Program Files (x86)
2013-12-28 20:48:54 ----D---- C:\ProgramData
2013-12-28 20:47:23 ----D---- C:\Windows\SYSWOW64\drivers
2013-12-28 20:47:23 ----D---- C:\Windows\SysWOW64
2013-12-28 20:47:23 ----D---- C:\Windows\AppPatch
2013-12-28 20:47:22 ----D---- C:\Program Files (x86)\Common Files
2013-12-28 18:58:31 ----D---- C:\Users\Logic PC\AppData\Roaming\uTorrent
2013-12-27 12:16:27 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-12-27 12:16:10 ----SHD---- C:\System Volume Information
2013-12-27 12:14:49 ----D---- C:\Windows\Prefetch
2013-12-27 11:36:44 ----D---- C:\Windows\system32\Tasks
2013-12-27 11:36:44 ----D---- C:\Windows\System32
2013-12-26 23:05:14 ----D---- C:\Users\Logic PC\AppData\Roaming\DAEMON Tools Lite
2013-12-26 20:40:55 ----D---- C:\Windows\inf
2013-12-26 16:54:07 ----D---- C:\ProgramData\MFAData
2013-12-25 21:57:52 ----RD---- C:\Program Files
2013-12-25 17:44:10 ----SHD---- C:\Windows\Installer
2013-12-25 17:38:45 ----D---- C:\Windows\system32\DriverStore
2013-12-25 17:38:45 ----D---- C:\Windows\system32\catroot
2013-12-24 23:06:36 ----D---- C:\Windows\Tasks
2013-12-24 22:58:32 ----D---- C:\Windows\system32\catroot2
2013-12-23 11:08:55 ----D---- C:\Windows\system32\LogFiles
2013-12-17 19:18:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-17 15:03:39 ----D---- C:\Users\Logic PC\AppData\Roaming\Skype
2013-12-16 17:54:36 ----D---- C:\Windows\debug
2013-12-15 00:21:31 ----D---- C:\Windows\system32\MRT
2013-12-15 00:20:01 ----A---- C:\Windows\system32\MRT.exe
2013-12-13 17:20:57 ----D---- C:\Windows\rescache
2013-12-13 16:02:17 ----D---- C:\ProgramData\AVAST Software
2013-12-13 16:02:17 ----D---- C:\Program Files\AVAST Software
2013-12-13 12:15:11 ----D---- C:\Windows\Logs
2013-12-13 11:39:15 ----D---- C:\Users\Logic PC\AppData\Roaming\TuneUp Software
2013-12-13 11:11:03 ----D---- C:\Windows\winsxs
2013-12-13 11:10:58 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-13 11:05:27 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-13 11:01:12 ----D---- C:\Program Files\Windows Media Player
2013-12-13 11:01:12 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-13 11:01:11 ----D---- C:\Program Files\Internet Explorer
2013-12-13 11:01:11 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 11:01:10 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-13 11:01:09 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-13 11:01:09 ----D---- C:\Windows\system32\sk-SK
2013-12-13 11:01:09 ----D---- C:\Windows\system32\en-US
2013-12-12 22:27:04 ----D---- C:\ProgramData\Microsoft Help
2013-12-12 19:47:14 ----SHD---- C:\Windows\SYSWOW64\AI_RecycleBin
2013-12-08 16:41:16 ----D---- C:\Program Files (x86)\Microsoft Office
2013-12-05 17:40:54 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-12-05 17:40:52 ----D---- C:\Windows\Panther
2013-12-05 17:40:52 ----D---- C:\Windows\Minidump
2013-12-03 17:23:06 ----SD---- C:\Users\Logic PC\AppData\Roaming\Microsoft
2013-12-03 17:14:50 ----D---- C:\Users\Logic PC\AppData\Roaming\Mozilla
2013-12-03 17:13:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-03 17:11:33 ----D---- C:\Windows\SYSWOW64\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-23 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2013-09-17 157432]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-08-13 10697216]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-08-13 460288]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2012-10-18 1930240]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-08-13 96896]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2012-04-25 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2011-09-22 56600]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 netr28ux;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\Windows\system32\drivers\WmHidLo.sys [2010-04-28 36936]
S3 xnacc;XBOX 360 Controller For Windows Driver Service; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-08-13 239616]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2013-09-12 1337752]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-04-17 326424]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-04-17 2594584]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2011-06-14 27760]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-12-11 569768]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-12 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#19 Příspěvek od **Márty84** » 29 pro 2013 08:35

Jeste jeden sken a budem mazat.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

031adam031 · #20 Příspěvek od **031adam031** » 29 pro 2013 12:30

OTL Extras logfile created on: 29. 12. 2013 11:59:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Logic PC\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,98 Gb Total Physical Memory | 2,88 Gb Available Physical Memory | 72,31% Memory free
7,96 Gb Paging File | 6,70 Gb Available in Paging File | 84,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 92,57 Gb Free Space | 31,61% Space Free | Partition Type: NTFS
Drive D: | 172,79 Gb Total Space | 170,36 Gb Free Space | 98,59% Space Free | Partition Type: NTFS

Computer Name: WINCTRL-LUJQNM6 | User Name: Logic PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B702F2-34AD-421A-92BF-BD1CF2F08374}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3838D68C-23F1-4B26-BD07-B76799BDAD38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3ABD8B52-4488-4854-A822-3D08E00EBAB5}" = rport=139 | protocol=6 | dir=out | app=system |
"{48ED61BB-C4D0-4A4C-AF36-27D8EEF03014}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B727141-8E48-4AF7-9916-2CA99F02AF60}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5ECE2084-19AC-41D6-8F3E-CC05C4A52E90}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6030AD57-D797-49DD-8616-6F87AE8F42F6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{66563010-3510-43FE-A65D-07D22C2565D9}" = lport=137 | protocol=17 | dir=in | app=system |
"{6845225F-7C80-41C7-84E9-165AD7811B9B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{708ACA26-0C6E-4102-95E6-FFCBFCAFCCE8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77437F0A-4F07-4C26-AFDE-4D506F7F6EA2}" = lport=138 | protocol=17 | dir=in | app=system |
"{7CB23CB6-0688-407F-B2A8-3E948947D43E}" = lport=445 | protocol=6 | dir=in | app=system |
"{806FC9A0-A506-4C15-B251-A4DB680DE9E1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{80903C43-076A-412F-AB4B-551758012D9B}" = rport=445 | protocol=6 | dir=out | app=system |
"{97C25E33-5FCC-43D9-8485-6A729CA03D1E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A78614A5-C970-4A40-A66F-53ACE8D0AE3A}" = rport=137 | protocol=17 | dir=out | app=system |
"{AA782D52-1145-4100-BCD2-625B73B4E7DF}" = rport=138 | protocol=17 | dir=out | app=system |
"{AF1F6D45-3D84-44F9-849A-F9BBD1008FDB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{D2BBBE1C-CC3A-48D8-86EC-FA2D6AD50059}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E1E673B9-6DCD-4130-B88B-43AC08963D69}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{ECDACF39-1D04-4BEB-AA53-D821B5C56772}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FCBBFB0D-9A9A-4E1F-835B-97961C0204AA}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09FD0BAC-1A0A-4AB0-A5E2-85E115F3CA08}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0AE8265D-4495-4612-A9B4-4759C0B01327}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{14553A83-2BB3-433C-8073-C2A5CC14CFA2}" = protocol=6 | dir=in | app=d:\avg\avgmfapx.exe |
"{160E3B41-805D-405D-BEC0-E32A07E17EE2}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{23A837B5-556D-427A-AB19-C9D4B766B0E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{287FA6C7-F2FE-4F87-8564-77C65F192A8E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2EDD8884-7A85-4E8F-B315-630FBEC64D74}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3345C83A-697F-427A-A045-F1F869F0F966}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{33544549-CB8D-4E9C-8EE0-AC856FB2423F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CD43316-E8CF-44CE-8B44-A9D92BCF94F7}" = protocol=6 | dir=out | app=system |
"{43F50EE6-F81B-41F3-9C8C-8E9DB6CF00B2}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4BF146DD-DBB6-4D91-AC84-AF595506118B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61AB39FB-D896-42C4-8A69-C1E5DB63A6BC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{734A0EB5-ECB4-459E-9F8E-0F642EAB1F30}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{842B14F7-169B-4BA4-991B-5E4ACB42F625}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86BD2C7B-3970-47A1-A206-B4CC13355026}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9033B3DA-4C73-4A15-93BF-98624B58ECBE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C4C10267-0371-4D49-8EC2-3530CF0A0528}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CBFC524C-4AE8-4156-AAF4-DCC49C6A88A4}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{CECAF2B3-832B-4741-A69C-685260AE241D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D1015025-643B-4B28-936E-0EF48E13095D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D3A20FD1-99C2-48F2-8CE1-DD87E18381D4}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{D6ED4AC8-E712-463A-935C-32F0EC454DB2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DF45B54B-BD62-4264-AD89-458CAC636545}" = protocol=17 | dir=in | app=d:\avg\avgmfapx.exe |
"{E43CC218-380C-47A3-9BB2-05E5CF36FA52}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F208F644-BBFB-43AE-9563-D215F47897DD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F375BABD-4161-4731-8150-D8D82CD1D34E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0068BE86-5932-474B-B5EB-FBCC9348831D}C:\users\logic pc\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\logic pc\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{1B5BC5E3-BEBE-4ED7-8C1C-7B760A2F249B}C:\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd.exe |
"TCP Query User{2C8BFFEE-793B-4A69-A9C4-F287712A6E27}C:\program files (x86)\city car driving\bin\win32\starter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\city car driving\bin\win32\starter.exe |
"TCP Query User{D5986AD1-3745-409F-88EC-D939E5812C4C}C:\users\logic pc\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\logic pc\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{E5E7FB00-DB52-4FD3-A599-97E9FD536215}C:\totalcmd\totalcmd64.exe" = protocol=6 | dir=in | app=c:\totalcmd\totalcmd64.exe |
"UDP Query User{2719CB92-72A3-4F91-B489-69DCD827D178}C:\program files (x86)\city car driving\bin\win32\starter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\city car driving\bin\win32\starter.exe |
"UDP Query User{909D1635-768C-41A6-8F50-6711034357C4}C:\users\logic pc\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\logic pc\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{9686037F-EE83-46CC-99D3-232F26490D63}C:\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd.exe |
"UDP Query User{DD105AB2-5081-4DCB-8962-C4443F03E25A}C:\totalcmd\totalcmd64.exe" = protocol=17 | dir=in | app=c:\totalcmd\totalcmd64.exe |
"UDP Query User{EFE5B394-19F3-4CB7-A16B-893A3A554D5D}C:\users\logic pc\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\logic pc\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0407893F-352C-B182-E04A-A8C3333DA29B}" = AMD Drag and Drop Transcoding
"{0DCAB5DD-CC69-271A-CF03-F2BD6B60BD8A}" = AMD Media Foundation Decoders
"{1444D2EE-C7AD-44A8-844F-2634B49353D1}" = Logitech Gaming Software 5.10
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23BA8EDF-3278-45E6-BB01-99E9A26478FD}" = ESET NOD32 Antivirus
"{46DA7FD9-8BC1-7BA8-98D1-27F46647871B}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{504184A2-1B0E-5D93-603A-517E93E7EDB3}" = AMD Accelerated Video Transcoding
"{57580625-C673-7FEA-8791-E84B7AAF5069}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0F7A6FD0-87F5-FB5D-973C-CF604DE1BC6B}" = CCC Help Polish
"{1A9BE3D6-4D53-2C9D-B77D-562D85936B91}" = CCC Help Norwegian
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568}" = downloaduitkeep
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{210DFA65-F805-1A2B-4F83-8E27279AE385}" = Catalyst Control Center Graphics Previews Common
"{29822CAD-C76A-0BEE-55F5-AAA524DA814F}" = CCC Help Greek
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}" = TP-LINK 150Mbps Wireless N USB Adapter Driver
"{3A1293DF-7D09-BB0F-9576-EC47EE4A9362}" = CCC Help Italian
"{47416F0B-6589-591E-C6F8-4235D2230B14}" = Catalyst Control Center InstallProxy
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.9
"{625FC7D1-656D-1BEC-F86F-3EACAFDAA8FE}" = CCC Help English
"{62D82EC1-0D3A-DF54-8E3E-07E1337A5311}" = SaveNshare.
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{70BD2558-27DA-8B02-02D0-D8704ECD2EDF}" = saviinshop
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7351EEF8-9D6C-5F46-5A19-F2C7456CE132}" = CCC Help German
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7F172E34-4107-8964-6AEA-5051FFD265FF}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86095E92-1959-8364-920E-82E81F64F8FB}" = Catalyst Control Center
"{89D05F35-933A-89C0-B935-C92BEE4229BD}" = CCC Help French
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{959E4378-CCA1-E4E4-2425-793DA92E8D95}" = CCC Help Czech
"{96BB3C67-4EB4-9757-E0C2-C0D2FE9053B1}" = CCC Help Turkish
"{974F4B73-2017-E174-9070-3F58F01B341F}" = CCC Help Danish
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98E20A18-3C29-86FA-50B4-918C2B34A082}" = CCC Help Hungarian
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2E5EB3-DC6E-9277-E9DB-13175E7DDA39}" = CCC Help Dutch
"{AAACC0A5-4382-04D0-C75E-0669C7B949B6}" = CCC Help Japanese
"{AC76BA86-7AD7-1051-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Slovak
"{ACEF4078-9B86-2455-E18D-34D52D37D9D5}" = CCC Help Chinese Standard
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B55FB422-B803-11F5-5582-B3666EA1B9AC}" = Catalyst Control Center Localization All
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8010864-15F8-613B-20EF-AC35B14B3E0D}" = CCC Help Russian
"{C1342411-5A98-DE8A-5629-D0C518E1C280}" = CCC Help Finnish
"{CC457F3D-5CDE-4CE8-9685-90A4EDE81374}_is1" = City Car Driving 1.2.2
"{D08B4177-5160-6B66-8934-2F9012134D61}" = CCC Help Thai
"{D34A6029-FB1A-9EA8-A938-5393F82A3A00}" = CCC Help Korean
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{E3A09D13-4D40-3CF8-7D32-8BD55F8D1533}" = CCC Help Spanish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2C35491-9323-3AE7-6023-6B4128045153}" = CCC Help Swedish
"{FC66A32F-1A57-AC5C-4F12-DAC2F4CB77A0}" = CCC Help Chinese Traditional
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"BetterSurf Plus V1" = BetterSurf Plus V1
"DAEMON Tools Lite" = DAEMON Tools Lite
"FL Studio 11" = FL Studio 11
"FlowStone" = FlowStone FL 3.0
"IL Shared Libraries" = IL Shared Libraries
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"League of Legends 3.0.1" = League of Legends
"Migration System Updater RBP" = Migration System Updater RBP
"Mozilla Firefox 25.0 (x86 sk)" = Mozilla Firefox 25.0 (x86 sk)
"PROR" = Microsoft Office Professional 2007
"VLC Player GPU+11.041.44" = GPU Monitor
"Webexp Enhanced" = Webexp Enhanced

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 27. 12. 2013 6:39:25 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 27. 12. 2013 8:01:43 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 27. 12. 2013 12:10:10 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 28. 12. 2013 7:41:30 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 28. 12. 2013 8:26:48 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 25.0.0.5046, časová
značka: 0x526b1e27 Názov chybového modulu: xul.dll, verzia: 25.0.0.5046, časová
značka: 0x526b1d27 Kód výnimky: 0xc0000005 Odstup chyby: 0x001157e7 Identifikácia chybného
procesu: 0x984 Čas spustenia chybnej aplikácie: 0x01cf03c710d29215 Cesta chybnej
aplikácie: D:\firefox.exe Cesta chybného modulu: D:\xul.dll Identifikácia hlásenia:
51eafe5f-6fbb-11e3-9331-6c626d3db0c6

Error - 28. 12. 2013 10:33:50 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: firefox.exe, verzia: 25.0.0.5046, časová
značka: 0x526b1e27 Názov chybového modulu: xul.dll, verzia: 25.0.0.5046, časová
značka: 0x526b1d27 Kód výnimky: 0xc0000005 Odstup chyby: 0x001157e7 Identifikácia chybného
procesu: 0xbc0 Čas spustenia chybnej aplikácie: 0x01cf03cffad84230 Cesta chybnej
aplikácie: D:\firefox.exe Cesta chybného modulu: D:\xul.dll Identifikácia hlásenia:
10db5703-6fcd-11e3-9331-6c626d3db0c6

Error - 28. 12. 2013 13:54:40 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 28. 12. 2013 15:52:16 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 29. 12. 2013 6:48:31 | Computer Name = WINCTRL-LUJQNM6 | Source = WinMgmt | ID = 10
Description =

Error - 29. 12. 2013 6:58:32 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: f18 Start Time:
01cf0484a6d67a56 Termination Time: 0 Application Path: C:\Users\Logic PC\Desktop\OTL.exe

Report
Id:

[ System Events ]
Error - 28. 12. 2013 14:07:01 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 28. 12. 2013 14:07:26 | Computer Name = WINCTRL-LUJQNM6 | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 28. 12. 2013 15:45:05 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 28. 12. 2013 15:45:05 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 28. 12. 2013 15:47:19 | Computer Name = WINCTRL-LUJQNM6 | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 28. 12. 2013 15:48:49 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 28. 12. 2013 15:48:49 | Computer Name = WINCTRL-LUJQNM6 | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.

Error - 28. 12. 2013 15:49:19 | Computer Name = WINCTRL-LUJQNM6 | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 28. 12. 2013 15:49:24 | Computer Name = WINCTRL-LUJQNM6 | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označená ako interaktívna služba. Systém
je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne
nebude pracovať správne.

Error - 28. 12. 2013 17:47:15 | Computer Name = WINCTRL-LUJQNM6 | Source = DCOM | ID = 10010
Description =

< End of report >

031adam031 · #21 Příspěvek od **031adam031** » 29 pro 2013 12:31

OTL logfile created on: 29. 12. 2013 11:59:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Logic PC\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,98 Gb Total Physical Memory | 2,88 Gb Available Physical Memory | 72,31% Memory free
7,96 Gb Paging File | 6,70 Gb Available in Paging File | 84,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 292,87 Gb Total Space | 92,57 Gb Free Space | 31,61% Space Free | Partition Type: NTFS
Drive D: | 172,79 Gb Total Space | 170,36 Gb Free Space | 98,59% Space Free | Partition Type: NTFS

Computer Name: WINCTRL-LUJQNM6 | User Name: Logic PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/12/29 11:56:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Logic PC\Desktop\OTL.exe
PRC - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/04/17 10:06:10 | 002,594,584 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012/04/17 10:06:08 | 000,326,424 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/09/12 12:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013/08/13 09:51:47 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/06/14 20:42:48 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2013/12/11 20:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/04/17 10:06:10 | 002,594,584 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/04/17 10:06:08 | 000,326,424 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/09/17 15:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/09/17 15:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013/09/17 15:17:38 | 000,157,432 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2013/08/23 14:25:09 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/08/13 09:51:55 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/08/13 09:51:48 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/08/13 09:51:48 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/10/18 14:04:12 | 001,930,240 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:64bit: - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/04/25 14:07:20 | 000,104,560 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/22 08:49:56 | 000,056,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/06/14 20:42:44 | 002,159,728 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011/05/13 02:21:04 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/05/13 02:21:04 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011/05/13 02:21:02 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/05/13 02:21:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/05/13 02:21:02 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/28 00:57:20 | 000,016,200 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmVirHid.sys -- (WmVirHid)
DRV:64bit: - [2010/04/28 00:57:14 | 000,036,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmHidLo.sys -- (WmHidLo)
DRV:64bit: - [2010/04/28 00:57:12 | 000,026,440 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmBEnum.sys -- (WmBEnum)
DRV:64bit: - [2010/04/27 22:03:12 | 000,077,512 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WmXlCore.sys -- (WmXlCore)
DRV:64bit: - [2010/04/27 22:02:42 | 000,043,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WmFilter.sys -- (WmFilter)
DRV:64bit: - [2009/08/13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009/06/10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.sk/
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes\{E3B1357C-CC7F-4295-B6BB-EE4D1CF5E5A1}: "URL" = http://search.conduit.com/ResultsExt.as ... 81829&UM=1
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes\{E7F26F9A-1B5C-4004-9562-946D7CAEE2B2}: "URL" = http://www.search.ask.com/web?p2=%5EB7N ... 6spr%253Da
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Logic PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2013/12/25 17:38:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@bettersurfplusv1.com: C:\Program Files (x86)\BetterSurf\BetterSurfPlusV1\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ext@WebexpEnhancedV1alpha57.net: C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha57\ff
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: D:\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: D:\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013/12/25 17:38:16 | 000,000,000 | ---D | M]

[2013/12/03 17:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\Extensions
[2013/12/28 13:22:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2013/09/18 19:15:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\Firefox\Profiles\extensions\extensions
[2013/12/27 11:36:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\Firefox\Profiles\ex0rp68p.default\extensions
[2013/12/03 17:16:33 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\firefox\profiles\ex0rp68p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/06/30 09:44:04 | 000,239,491 | ---- | M] () (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\firefox\profiles\extensions\trtv3@trtv.com.xpi
[2013/09/14 20:47:22 | 000,478,635 | ---- | M] () (No name found) -- C:\Users\Logic PC\AppData\Roaming\mozilla\firefox\profiles\extensions\extensions\jid1-vW9nopuIAJiRHw@jetpack.xpi
[2013/08/19 16:18:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

O1 HOSTS File: ([2013/12/28 20:51:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3 - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\Toolbar\WebBrowser: (no name) - {434D452D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_w ... Player.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F80948-682D-4552-907E-3ADED97ABB00}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{749F0DC7-FE3E-4A4C-BB81-DE1245BA6A8E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B48B0E0A-4B55-4A46-AE00-200935707A33}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS http://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - frapsvid.dll File not found
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2013/12/29 11:56:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Logic PC\Desktop\OTL.exe
[2013/12/28 20:55:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013/12/28 20:51:07 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/12/28 19:01:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/12/28 19:01:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/12/28 19:01:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/12/28 19:00:51 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/12/28 19:00:37 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/12/28 18:59:52 | 005,158,590 | R--- | C] (Swearware) -- C:\Users\Logic PC\Desktop\ComboFix.exe
[2013/12/28 13:34:49 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\Desktop\RK_Quarantine
[2013/12/27 12:09:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aerosoft
[2013/12/27 11:35:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/12/26 23:07:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2013/12/26 17:23:10 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\Malwarebytes
[2013/12/26 17:23:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/12/25 21:57:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013/12/25 21:57:51 | 000,000,000 | ---D | C] -- C:\rsit
[2013/12/25 19:02:45 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Local\ESET
[2013/12/25 17:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2013/12/25 17:38:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2013/12/25 17:38:15 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/12/25 16:41:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2013/12/25 16:41:10 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\Documents\Image-Line
[2013/12/25 16:41:10 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\Image-Line
[2013/12/25 16:41:09 | 000,000,000 | ---D | C] -- C:\Program Files\Image-Line
[2013/12/25 16:41:08 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
[2013/12/25 16:40:54 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\FlowStone
[2013/12/25 16:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSPRobotics
[2013/12/25 16:38:39 | 000,000,000 | ---D | C] -- C:\flstudio
[2013/12/24 22:49:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Image-Line
[2013/12/23 11:27:24 | 000,000,000 | ---D | C] -- C:\ProgramData\saviinshop
[2013/12/23 11:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\1b13b76c6d07173b
[2013/12/23 11:27:16 | 000,000,000 | ---D | C] -- C:\ProgramData\downloaduitkeep
[2013/12/23 00:40:01 | 000,000,000 | ---D | C] -- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ
[2013/12/20 19:18:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seznam.cz
[2013/12/20 19:18:31 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\Seznam.cz
[2013/12/20 19:18:26 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2013/12/20 19:18:25 | 000,000,000 | ---D | C] -- C:\totalcmd
[2013/12/13 11:33:57 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2013/12/13 11:18:32 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\AVAST Software
[2013/12/13 11:06:35 | 000,131,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2013/12/13 11:06:32 | 000,447,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/12 22:27:21 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013/12/12 22:27:21 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013/12/12 22:27:20 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013/12/12 22:27:19 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013/12/12 22:25:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2013/12/12 22:25:54 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/12/12 22:25:54 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/12/12 22:25:54 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/12/12 22:25:54 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/12/12 22:25:54 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/12/12 22:25:53 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2013/12/12 22:25:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/12/12 22:25:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2013/12/12 22:25:52 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/12/12 22:25:52 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2013/12/12 22:25:52 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2013/12/12 22:25:51 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/12/12 22:25:49 | 001,995,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/12/12 22:25:49 | 001,928,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/12/12 22:25:46 | 005,769,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/12/12 19:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Valve
[2013/12/12 19:47:36 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2013/12/12 19:47:36 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2013/12/12 19:47:35 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2013/12/12 19:47:12 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/12/12 19:47:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
[2013/12/12 18:37:53 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Local\Daring_Development_Inc
[2013/12/12 14:32:30 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/12/12 14:32:30 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/12/12 14:32:28 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013/12/12 14:32:28 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013/12/12 14:32:27 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013/12/12 14:32:25 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013/12/12 14:32:25 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013/12/12 14:32:04 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013/12/12 14:32:04 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013/12/12 14:32:04 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013/12/12 14:32:03 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013/12/12 14:32:03 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013/12/12 14:32:03 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013/12/05 17:19:29 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/12/03 17:23:06 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Local\Macromedia
[2013/12/03 17:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2013/12/03 17:14:41 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Local\Mozilla
[2013/11/30 15:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shopping Suggestion
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/12/29 12:00:42 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013/12/29 11:56:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Logic PC\Desktop\OTL.exe
[2013/12/29 11:54:23 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/12/29 11:54:23 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/12/29 11:46:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/12/29 11:46:37 | 3207,581,696 | -HS- | M] () -- C:\hiberfil.sys
[2013/12/28 20:51:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013/12/28 19:00:16 | 005,158,590 | R--- | M] (Swearware) -- C:\Users\Logic PC\Desktop\ComboFix.exe
[2013/12/27 11:35:47 | 001,233,962 | ---- | M] () -- C:\Users\Logic PC\Desktop\adwcleaner.exe
[2013/12/26 23:07:40 | 000,000,817 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2013/12/25 16:41:40 | 000,000,564 | ---- | M] () -- C:\Users\Logic PC\Desktop\FL Studio 11.lnk
[2013/12/23 11:06:05 | 000,415,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/20 19:18:28 | 000,000,646 | ---- | M] () -- C:\Users\Logic PC\Desktop\Total Commander 64 bit.lnk
[2013/12/20 19:18:28 | 000,000,632 | ---- | M] () -- C:\Users\Logic PC\Desktop\Total Commander.lnk
[2013/12/18 15:00:28 | 000,001,817 | ---- | M] () -- C:\Users\Logic PC\AppData\Local\ACCCx2_2_1_260.zip.aamdownload.aamd
[2013/12/18 15:00:26 | 144,752,885 | ---- | M] () -- C:\Users\Logic PC\AppData\Local\ACCCx2_2_1_260.zip.aamdownload
[2013/12/17 19:18:12 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/12/17 19:18:12 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/12/17 19:18:12 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/12/13 11:10:58 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/13 11:10:23 | 000,447,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/13 11:06:34 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2013/12/13 11:05:27 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/12/13 11:05:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/12/12 19:47:12 | 000,001,613 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/12/05 17:48:32 | 000,290,312 | ---- | M] () -- C:\Users\Logic PC\Documents\cc_20131205_174816.reg
[2013/12/05 17:19:33 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/12/29 12:00:42 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013/12/28 19:01:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/12/28 19:01:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/12/28 19:01:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/12/28 19:01:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/12/28 19:01:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/12/27 11:35:43 | 001,233,962 | ---- | C] () -- C:\Users\Logic PC\Desktop\adwcleaner.exe
[2013/12/26 23:07:40 | 000,000,817 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2013/12/25 16:41:40 | 000,000,564 | ---- | C] () -- C:\Users\Logic PC\Desktop\FL Studio 11.lnk
[2013/12/23 11:05:43 | 000,415,592 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/12/20 19:18:28 | 000,000,646 | ---- | C] () -- C:\Users\Logic PC\Desktop\Total Commander 64 bit.lnk
[2013/12/20 19:18:28 | 000,000,632 | ---- | C] () -- C:\Users\Logic PC\Desktop\Total Commander.lnk
[2013/12/18 15:00:26 | 144,752,885 | ---- | C] () -- C:\Users\Logic PC\AppData\Local\ACCCx2_2_1_260.zip.aamdownload
[2013/12/18 15:00:26 | 000,001,817 | ---- | C] () -- C:\Users\Logic PC\AppData\Local\ACCCx2_2_1_260.zip.aamdownload.aamd
[2013/12/18 14:59:36 | 000,001,526 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
[2013/12/12 19:47:12 | 000,001,613 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/12/05 17:48:21 | 000,290,312 | ---- | C] () -- C:\Users\Logic PC\Documents\cc_20131205_174816.reg
[2013/12/05 17:19:33 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/09/26 20:14:34 | 000,003,584 | ---- | C] () -- C:\Users\Logic PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/09/24 15:58:03 | 000,000,000 | -HS- | C] () -- C:\Users\Logic PC\AppData\Local\LumaEmu
[2013/09/22 14:44:57 | 000,763,958 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/08/13 09:57:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/09/28 08:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/09/28 08:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/07/02 21:11:02 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\theowl.dll
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/02/03 04:00:58 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\TCPClient.dll

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/12/13 11:18:32 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\AVAST Software
[2013/12/26 23:05:14 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\DAEMON Tools Lite
[2013/12/25 16:40:54 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\FlowStone
[2013/12/25 16:41:10 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Image-Line
[2013/08/31 16:55:05 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\JAM Software
[2013/08/22 14:34:39 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\LolClient
[2013/11/14 17:07:59 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Milestone
[2013/09/27 13:08:45 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Nico Mak Computing
[2013/09/21 14:46:54 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\PunkBuster
[2013/10/03 12:37:09 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Quadcore Games
[2013/10/12 11:11:52 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\RBotPlus
[2013/08/22 10:51:59 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Riot Games
[2013/12/26 18:26:28 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Seznam.cz
[2013/08/22 15:51:09 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\SmartPCFix
[2013/09/26 20:09:07 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Sony
[2013/12/13 11:39:15 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\TuneUp Software
[2013/09/21 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Ubisoft
[2013/12/28 18:58:31 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\uTorrent
[2013/09/01 16:39:30 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Wargaming.net

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010/11/21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013/05/10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013/05/13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013/07/09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013/10/05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013/07/09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013/07/09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013/05/10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013/05/11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010/11/21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013/05/11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013/05/10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013/05/13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013/05/10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013/10/05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009/07/14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011/11/17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\erdnt\cache64\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\SysNative\lsass.exe
[2013/09/25 02:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2012/08/24 18:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012/06/04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011/11/17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013/09/25 02:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012/08/22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012/08/22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010/11/21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011/03/11 07:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010/11/21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011/03/11 07:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2013/03/19 03:57:17 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=498E2A20E145199709CD100CDBA8603D -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22280_none_0a9a7b3b492b4d05\smss.exe
[2013/08/29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013/08/02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013/07/08 03:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=E65601CF4BC0CF3718AFBE56A9AD846F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22379_none_0aae4fa7491b124a\smss.exe
[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013/08/02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/05/08 07:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\erdnt\cache64\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2011/04/25 06:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013/05/08 07:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011/06/21 07:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2011/04/25 07:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011/06/21 07:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\erdnt\cache64\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010/11/21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010/11/21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2013/11/02 20:56:03 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Adobe
[2013/08/13 09:57:56 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\ATI
[2013/12/13 11:18:32 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\AVAST Software
[2013/12/26 23:05:14 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\DAEMON Tools Lite
[2013/12/25 16:40:54 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\FlowStone
[2013/08/12 09:38:14 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Identities
[2013/12/25 16:41:10 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Image-Line
[2013/08/12 10:58:23 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\InstallShield
[2013/08/31 16:55:05 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\JAM Software
[2013/08/22 14:34:39 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\LolClient
[2013/08/19 16:17:17 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Macromedia
[2013/12/26 17:23:10 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Malwarebytes
[2011/04/12 09:28:03 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Media Center Programs
[2013/12/03 17:23:06 | 000,000,000 | --SD | M] -- C:\Users\Logic PC\AppData\Roaming\Microsoft
[2013/11/14 17:07:59 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Milestone
[2013/12/03 17:14:50 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Mozilla
[2013/09/27 13:08:45 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Nico Mak Computing
[2013/09/21 14:46:54 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\PunkBuster
[2013/10/03 12:37:09 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Quadcore Games
[2013/10/12 11:11:52 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\RBotPlus
[2013/08/22 10:51:59 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Riot Games
[2013/09/09 18:46:41 | 000,000,000 | RH-D | M] -- C:\Users\Logic PC\AppData\Roaming\SecuROM
[2013/12/26 18:26:28 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Seznam.cz
[2013/12/17 15:03:39 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Skype
[2013/08/22 15:51:09 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\SmartPCFix
[2013/09/26 20:09:07 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Sony
[2013/12/13 11:39:15 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\TuneUp Software
[2013/09/21 15:16:41 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Ubisoft
[2013/12/28 18:58:31 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\uTorrent
[2013/09/07 19:59:32 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\vlc
[2013/09/01 16:39:30 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\Wargaming.net

< %APPDATA%\*.exe /s >
[2013/10/17 17:20:37 | 000,010,134 | R--- | M] () -- C:\Users\Logic PC\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011/10/18 20:47:26 | 003,123,272 | R--- | M] () -- C:\Users\Logic PC\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2013/08/19 12:19:08 | 001,130,576 | ---- | M] (BitTorrent Inc.) -- C:\Users\Logic PC\AppData\Roaming\uTorrent\uTorrent.exe
[2013/08/19 12:19:08 | 001,130,576 | ---- | M] (BitTorrent Inc.) -- C:\Users\Logic PC\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2013/12/29 11:49:20 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013/12/29 12:00:42 | 000,000,512 | ---- | M] () MD5=568F86FA066F53315F88CF48A0CEB762 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012/05/26 06:16:48 | 000,288,490 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS5\Plug-ins\Brushes\Cracks.abr
[2011/08/14 07:59:16 | 003,523,878 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS5\Plug-ins\Brushes\Cracks2.abr
[2013/03/12 11:47:38 | 000,007,624 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Packs\Drums\Percussion\FPC Ice Crack.wav
[2012/10/02 09:41:48 | 000,000,400 | ---- | M] () -- \Program Files (x86)\Image-Line\FL Studio 11\Data\Patches\Plugin presets\Generators\Drumpad\Sound FX\Crack.fst
[2013/12/25 16:51:07 | 000,001,017 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\Microsoft\Windows\Recent\Fl Studio 11 Crack Only by tahmidk15.lnk
[2013/08/20 18:18:45 | 000,014,904 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\CityCarDriving_1.2.2 + Crack + CarPack.1.torrent
[2013/08/20 13:05:59 | 000,014,904 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\CityCarDriving_1.2.2 + Crack + CarPack.torrent
[2013/10/16 19:12:55 | 000,010,584 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\Crysis 3 Crack-fix By Sanu Saha.torrent
[2013/12/25 17:43:05 | 000,035,033 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\ESET.Smart.Security.5.&.ESET.NOD32.AntiVirus.5.Incl.Crack(32.and.64.Bit).torrent
[2013/10/15 19:59:54 | 000,014,174 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\Fifa 14 Update 1+Crack fix-Skidrow.torrent
[2013/10/15 19:50:20 | 000,018,220 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\FIFA.14-Crack-www.skidrowcrack.com.torrent
[2013/12/25 16:50:10 | 000,007,320 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\Fl Studio 11 Crack Only by tahmidk15.torrent
[2013/09/21 12:41:34 | 000,017,635 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\GTA IV PATCH 1.0.3.0 + CRACK.torrent
[2013/08/21 14:13:34 | 000,013,867 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\Saints Row IV Full PC Game Cracked 2013.torrent
[2013/09/26 19:28:35 | 000,015,083 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\Sony Vegas Pro [10] [32Bit - 64Bit] [With Crack] [By Krushed18].zip.torrent
[2013/08/23 14:29:07 | 000,004,451 | ---- | M] () -- \Users\Logic PC\AppData\Roaming\uTorrent\Test.Drive.Unlimited.2.Crack.Only-SKIDROW.torrent
[2010/01/15 21:56:40 | 000,000,272 | ---- | M] () -- \Users\Logic PC\Documents\Image-Line\Data\Drumaxx\Drum Patches\Sound FX\Crack.dmpatch

031adam031 · #22 Příspěvek od **031adam031** » 29 pro 2013 12:31

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2011/12/23 12:04:44 | 000,040,544 | ---- | M] () -- \Program Files (x86)\City Car Driving\export\meshes\universal\industrial\forLoader_p.hkx
[2006/10/26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2012/11/01 08:32:14 | 000,057,224 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2012/11/01 08:32:44 | 000,065,416 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2012/09/04 22:34:12 | 000,083,848 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2012/09/04 22:34:12 | 000,088,968 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/12/12 20:10:51 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.63\deploy\assets\storeImages\layout\small_loader.gif
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/09/05 10:43:36 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013/11/25 12:01:24 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/09/05 10:43:36 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2013/11/25 12:01:24 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/04/12 09:17:46 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2011/04/12 09:17:46 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2011/04/12 09:17:46 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2011/04/12 09:17:46 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2011/04/12 09:17:46 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013/08/12 19:11:59 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/08/12 19:11:59 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/08/12 19:11:59 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/08/12 19:11:59 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/08/12 19:11:59 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/04/12 09:16:46 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 05:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/24 09:44:32 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/09/24 09:44:50 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/09/24 09:52:27 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/09/24 09:53:04 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/10/10 16:02:46 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013/09/24 09:47:47 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/09/24 09:50:29 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013/10/10 15:57:17 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013/09/24 10:00:25 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013/09/24 10:01:31 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/09/24 10:04:36 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013/10/09 20:47:18 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/09 20:47:17 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/09 20:47:23 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2011/06/10 04:43:56 | 000,073,728 | ---- | M] () -- \Windows\System32\SerialPort.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011/04/12 09:17:17 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2013/08/12 09:57:31 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2011/06/10 04:43:56 | 000,073,728 | ---- | M] () -- \Windows\SysWOW64\SerialPort.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/04/12 09:17:17 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2013/08/12 09:57:31 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2011/04/12 09:17:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2013/08/12 09:57:30 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/04/12 09:17:23 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/08/12 19:11:59 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/08/12 19:11:59 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/04/12 09:17:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2013/08/12 09:57:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/04/12 09:17:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2013/08/12 09:57:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/04/12 09:16:53 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/04/12 09:17:17 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2013/08/12 09:57:31 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 440 bytes -> C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ:1

< End of report >

#23 Příspěvek od **Márty84** » 29 pro 2013 15:58

Vypnete antivir, at nebrani programu v praci

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes\{E3B1357C-CC7F-4295-B6BB-EE4D1CF5E5A1}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN23375520462781829&UM=1
IE - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\SearchScopes\{E7F26F9A-1B5C-4004-9562-946D7CAEE2B2}: "URL" = http://www.search.ask.com/web?p2=%5EB7N ... trgb=IE&q={searchTerms}&psv=barid%253D%257B06745BA2%252D0D7F%252D11E3%252D8A15%252D6C626D3DB0C6%257D%2526cargo%253DCME%252DV7%2526spr%253Da
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
O3 - HKU\S-1-5-21-2420748238-3054550-4101967364-1000\..\Toolbar\WebBrowser: (no name) - {434D452D-5637-006A-76A7-7A786E7484D7} - No CLSID value found.
O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} http://webplayer.unity3d.com/download_w ... Player.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2013/12/23 00:40:01 | 000,000,000 | ---D | C] -- C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ
[2013/12/13 11:18:32 | 000,000,000 | ---D | C] -- C:\Users\Logic PC\AppData\Roaming\AVAST Software
[2013/12/13 11:06:35 | 000,131,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2013/12/13 11:06:32 | 000,447,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/11/30 15:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Shopping Suggestion
[2013/12/13 11:10:58 | 000,334,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013/12/13 11:10:23 | 000,447,888 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2013/12/13 11:18:32 | 000,000,000 | ---D | M] -- C:\Users\Logic PC\AppData\Roaming\AVAST Software
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]
@Alternate Data Stream - 440 bytes -> C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ:1

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Jak je to s legalitou toho Esetu?

031adam031 · #24 Příspěvek od **031adam031** » 29 pro 2013 17:27

A jak by to bolo z legalitov veď normálne je stiahnutý je to trial verzia.

#25 Příspěvek od **Márty84** » 29 pro 2013 17:31

V logu z OTL je videt crack na starsi verzi Esetu. Cili nepredpokladam, ze si tuto verzi hodlate po vyprseni zkusebni doby zakoupit. Nebo ano?

031adam031 · #26 Příspěvek od **031adam031** » 29 pro 2013 17:48

Tak ja som sa na jednom fóru dozvedel že eset je lepší ako AVG ktorý som mal ale dal som ho preč a stiahol som trial eset takže neviem čo bude neskôr pokial viem trial verzia nie je nelegálna

#27 Příspěvek od **Márty84** » 29 pro 2013 17:51

Nelegalni neni, pokud je pouzita jen jednou

Proto jsem se ptal, ja jsem nerekl, ze je nelegalni. Jinak souhlasim, Eset je lepsi nez AVG, ale bohuzel je placeny.

031adam031 · #28 Příspěvek od **031adam031** » 29 pro 2013 18:00

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Logic PC
->Temp folder emptied: 1890 bytes
->Temporary Internet Files folder emptied: 79553280 bytes
->FireFox cache emptied: 399732439 bytes
->Flash cache emptied: 12157 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 42306114 bytes
RecycleBin emptied: 92606 bytes

Total Files Cleaned = 498,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Logic PC
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E3B1357C-CC7F-4295-B6BB-EE4D1CF5E5A1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E3B1357C-CC7F-4295-B6BB-EE4D1CF5E5A1}\ not found.
Registry key HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E7F26F9A-1B5C-4004-9562-946D7CAEE2B2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7F26F9A-1B5C-4004-9562-946D7CAEE2B2}\ not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-2420748238-3054550-4101967364-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{434D452D-5637-006A-76A7-7A786E7484D7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{434D452D-5637-006A-76A7-7A786E7484D7}\ not found.
Starting removal of ActiveX control {444785F1-DE89-4295-863A-D46C3A781394}
C:\Windows\Downloaded Program Files\UnityWebPlayer.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{444785F1-DE89-4295-863A-D46C3A781394}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{444785F1-DE89-4295-863A-D46C3A781394}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\ not found.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
Invalid CLSID key: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
Invalid CLSID key: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZZZZZZZ...ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZZZZ.ZZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZZZ.....Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZZ.ZZZ....ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZZ.Z.Z..Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZZ..Z.ZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZ..ZZZZ....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZZ...Z..Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ.ZZZ.Z..ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ.Z.Z.Z.Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ..ZZ.ZZZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ..Z.ZZZ...ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ...ZZZZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ...ZZZZ...ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ...ZZ.Z..Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZZ......Z....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.ZZZZZZZZ...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.ZZZ.Z...ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.ZZZ..Z.ZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.ZZZ....Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.ZZ..Z.ZZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.ZZ....ZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.Z.ZZ.ZZZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ.Z..Z.ZZZ.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ..ZZZZ...Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ..ZZ.ZZZZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ..ZZ..ZZ.ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ..Z.ZZZZZ..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ..Z.ZZ.Z.Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ..Z......Z.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ...ZZ.Z...ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ...ZZ..ZZ..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ...ZZ..Z.Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ....ZZZZ.ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ....ZZZ..ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZZ....Z..Z.ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZZZZZ.Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZZZZ....Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZZZ.Z....ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZZ...Z.Z.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZ.Z...ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZ..Z.ZZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZZ...ZZZ...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZ.Z.Z.ZZ.ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.ZZ..ZZ...Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z.ZZZZZZZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z.Z..ZZZ....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z..ZZ.ZZ....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z..Z...ZZ.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z...Z.Z.Z...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z...Z..Z....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z...Z.......Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ.Z......Z.Z.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZZZZZZ.ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZZZ..ZZ.ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZZZ...ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZZ..Z.ZZ.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZ.ZZ.ZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZ.ZZ.Z....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZ..ZZZ...ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..ZZ....ZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..Z.ZZ...Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..Z..ZZZ...ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ..Z..ZZ...ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ...ZZ.ZZ.Z...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ...ZZ..Z..ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ...Z.Z..ZZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\ZZ....ZZZZZ.ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZZZZ..Z.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZZZZ...Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZZZ..ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZZ.ZZ.Z.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZZ...ZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZ..Z....ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZZ....ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZZ.Z..ZZ.ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZ..ZZZZ...ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZ..ZZ.ZZ..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZ..Z....Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZZ.....ZZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.ZZ..ZZ.ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.ZZ...ZZ.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.ZZ....ZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.ZZ.....ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.Z.ZZZ.....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.Z..ZZ....ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ..ZZ.ZZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ..ZZ..ZZ.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ...ZZ..ZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ...Z.ZZ....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ....Z..ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.ZZ.....ZZ....Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.ZZZ.ZZ.Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.ZZZ..ZZZ..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.ZZ.Z...Z...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.ZZ.Z....Z.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.Z.Z.ZZZ.Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.Z.Z..ZZZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.Z..ZZ.ZZ.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.Z..ZZ...ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z.Z..Z...ZZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z..ZZ...ZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z...ZZ.Z...Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z...Z.ZZ...Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.Z....ZZ...Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZZZZZ.Z.ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZZZZ.ZZZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZZ.ZZZ.Z.ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZZ.Z.Z.ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZZ.Z.Z..ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZZ.Z..Z.ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZ.ZZZZ.Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZ..ZZZZ.Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..ZZ....Z.Z..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..Z.ZZ..Z.ZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..Z.Z.Z..Z.ZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..Z..ZZZZZ.Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..Z..ZZZ..Z..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..Z..Z.ZZ.Z.ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z..Z...ZZ.ZZ..ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...ZZZZZ.Z..ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...ZZZZ.Z.Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...ZZZ.ZZ.Z.Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...ZZZ.ZZ..ZZ.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...ZZZ..Z...ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...Z..Z...ZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...Z.....ZZZ.ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z...Z......ZZ..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z....Z.ZZZ.Z...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z....Z.Z.....ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.....ZZZZZZ...Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.....Z.ZZ....ZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.....Z....ZZZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.....Z......ZZZ folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z......Z.....Z.Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ\Z.......Z...Z..Z folder moved successfully.
C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ folder moved successfully.
C:\Users\Logic PC\AppData\Roaming\AVAST Software\Avast\Cache\Local Storage folder moved successfully.
C:\Users\Logic PC\AppData\Roaming\AVAST Software\Avast\Cache\AppCache folder moved successfully.
C:\Users\Logic PC\AppData\Roaming\AVAST Software\Avast\Cache folder moved successfully.
C:\Users\Logic PC\AppData\Roaming\AVAST Software\Avast folder moved successfully.
C:\Users\Logic PC\AppData\Roaming\AVAST Software folder moved successfully.
C:\Windows\SysNative\drivers\aswFW.sys moved successfully.
C:\Windows\SysNative\drivers\aswNdisFlt.sys moved successfully.
C:\Program Files (x86)\Shopping Suggestion folder moved successfully.
C:\Windows\SysNative\aswBoot.exe moved successfully.
File C:\Windows\SysNative\drivers\aswNdisFlt.sys not found.
Folder C:\Users\Logic PC\AppData\Roaming\AVAST Software\ not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP74F0.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB7E9.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP73E7.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB4FC.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI4F03.tmp deleted successfully.
C:\Windows\Installer\MSIB3B8.tmp deleted successfully.
Unable to delete ADS C:\3590F75ABA9E485486C100C1A9D4FF06Z.Z...ZZ.ZZ..ZZZ:1 .
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 12292013_175643

Files\Folders moved on Reboot...
C:\Users\Logic PC\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#29 Příspěvek od **Márty84** » 29 pro 2013 18:18

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

031adam031 · #30 Příspěvek od **031adam031** » 30 pro 2013 12:35

Ok díki PC funguje ako má je to super

VIRY.CZ

Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC

Re: Pomalý PC