Chrome se načte a okamžitě zamrzne- nic nepomáhá

Zpráva

Dubinek · #16 Příspěvek od **Dubinek** » 31 říj 2014 21:20

s těmi chromy je to zvláštní když hledám manuálně přes řádek tak nic nikde nenajdu vše je odstraněno je jen aktuální verze, tak nevím kde se tam bere ten starší, cc cleaner ani odinstalátor windows jej nenajde

další věc, nevím jestli to s tím může mít nějakou souvislost, ale chrome už tam byl úplně od začátku zabudovaný v systému

Dubinek · #17 Příspěvek od **Dubinek** » 31 říj 2014 22:08

při čtení logu mě napadla jedna věc, možná byl zapnutý windows defender, nějak hloub sem se o něj do teďka nezajímal, tak jsem ho zapoměl vypnout

ComboFix 14-10-29.01 - Lenovo 31.10.2014 21:52:48.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2216 [GMT 1:00]
Spuštěný z: c:\users\Lenovo\Desktop\xyz.exe.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-09-28 do 2014-10-31 )))))))))))))))))))))))))))))))
.
.
2014-10-31 20:59 . 2014-10-31 20:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-31 20:59 . 2014-10-31 20:59 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3630B429-A386-4616-A178-D042838735E0}\offreg.dll
2014-10-31 16:03 . 2014-10-31 20:25 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-31 16:03 . 2014-10-31 16:03 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-10-31 16:03 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-31 16:03 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-31 16:03 . 2014-10-01 10:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-31 15:37 . 2014-10-31 15:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-10-31 13:40 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3630B429-A386-4616-A178-D042838735E0}\mpengine.dll
2014-10-31 13:10 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-10-31 13:10 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-10-31 13:08 . 2014-10-31 13:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-10-30 15:36 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-10-30 15:36 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-10-30 15:36 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-10-30 15:36 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-10-29 20:15 . 2014-10-29 20:15 -------- d--h--w- c:\programdata\CanonBJ
2014-10-29 20:14 . 2009-07-14 01:40 84992 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
2014-10-29 19:51 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-10-29 19:51 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-10-29 19:51 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-10-29 19:51 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-10-29 19:51 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-10-29 19:43 . 2014-10-29 19:43 -------- d-----w- c:\windows\Migration
2014-10-29 19:34 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-29 19:23 . 2014-10-29 19:23 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-29 18:54 . 2014-10-29 18:54 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-29 18:54 . 2014-10-29 18:54 -------- d-----w- c:\windows\SysWow64\Wat
2014-10-29 18:54 . 2014-10-29 18:54 -------- d-----w- c:\windows\system32\Wat
2014-10-29 17:22 . 2014-10-29 17:22 -------- d-----w- C:\d41a19c517de77a45e999255b4
2014-10-29 16:47 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-10-29 16:47 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-10-29 16:29 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-10-29 16:11 . 2014-10-29 16:11 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-29 16:11 . 2014-10-29 16:12 -------- d-----r- c:\program files (x86)\Skype
2014-10-29 16:11 . 2014-10-29 16:12 -------- d-----w- c:\programdata\Skype
2014-10-29 15:50 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-10-29 15:50 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-10-29 15:50 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-10-29 15:50 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-10-29 15:50 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-10-29 15:50 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-10-29 15:50 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-10-29 15:37 . 2014-10-29 15:37 -------- d-----w- c:\program files\Microsoft Silverlight
2014-10-29 15:37 . 2014-10-29 15:37 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-10-29 15:02 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-10-29 15:02 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-10-29 15:02 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-10-29 14:49 . 2014-10-29 14:53 -------- d-----w- c:\windows\system32\MRT
2014-10-29 14:47 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-10-29 14:47 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-10-29 14:47 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-10-29 14:47 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-10-29 14:47 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-10-29 14:47 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-10-29 14:46 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-10-29 14:46 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-10-29 12:33 . 2014-10-29 15:41 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-10-29 12:31 . 2014-10-29 12:31 -------- d-----w- c:\program files\Microsoft Office
2014-10-29 12:31 . 2014-10-29 12:31 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-10-29 12:29 . 2014-10-31 13:33 -------- d-----w- c:\programdata\Microsoft Help
2014-10-29 12:29 . 2014-10-29 12:29 -------- d-----r- C:\MSOCache
2014-10-29 11:38 . 2014-10-29 11:14 24064 ----a-w- c:\windows\zoek-delete.exe
2014-10-29 11:14 . 2014-10-29 11:32 -------- d-----w- C:\zoek_backup
2014-10-29 10:29 . 2014-10-29 10:29 -------- d-----w- c:\windows\ERUNT
2014-10-29 10:17 . 2014-10-29 10:22 -------- d-----w- C:\AdwCleaner
2014-10-29 10:08 . 2014-10-29 10:08 -------- d-s---w- c:\windows\SysWow64\Microsoft
2014-10-29 09:51 . 2014-10-29 09:52 -------- d-----w- C:\rsit
2014-10-29 09:51 . 2014-10-29 09:52 -------- d-----w- c:\program files\trend micro
2014-10-29 09:45 . 2014-10-29 12:32 -------- d-----w- c:\program files (x86)\Microsoft.NET
2014-10-29 09:39 . 2014-10-29 09:57 -------- d-----w- c:\programdata\Freemake
2014-10-29 09:39 . 2014-10-29 09:39 -------- d-----w- c:\program files (x86)\Freemake
2014-10-29 08:48 . 2014-10-29 08:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-10-29 08:36 . 2014-10-29 08:36 -------- d-----w- c:\program files\CCleaner
2014-10-29 07:49 . 2014-10-29 07:49 -------- d-----w- c:\windows\SysWow64\drivers\sk-SK
2014-10-29 07:49 . 2014-10-29 07:49 -------- d-----w- c:\windows\sk-SK
2014-10-29 07:49 . 2014-10-29 07:49 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-10-29 03:23 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-29 03:23 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-29 03:16 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-10-29 03:16 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-10-29 03:16 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-10-29 03:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-10-29 03:16 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-10-29 03:16 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-10-29 03:16 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-10-29 03:16 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2014-10-29 03:16 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-10-29 03:16 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-10-29 03:16 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2014-10-29 03:16 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2014-10-29 03:15 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2014-10-29 03:15 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2014-10-29 03:13 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2014-10-29 03:13 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2014-10-29 03:13 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2014-10-29 03:13 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2014-10-29 03:12 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-10-29 03:12 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-10-29 03:12 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-10-29 03:12 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-10-29 03:11 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-10-29 03:11 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-10-29 03:11 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-10-29 03:11 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-29 03:11 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2014-10-29 03:11 . 2011-11-17 05:35 314880 ----a-w- c:\windows\SysWow64\webio.dll
2014-10-29 03:11 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-10-29 03:11 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-10-29 03:10 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll
2014-10-29 03:10 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll
2014-10-29 03:10 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll
2014-10-29 03:10 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
2014-10-29 03:10 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll
2014-10-29 03:10 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll
2014-10-29 03:10 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-10-29 03:09 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-10-29 03:09 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2014-10-29 03:09 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2014-10-29 03:09 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2014-10-29 03:09 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-10-29 03:09 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-10-29 03:09 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-10-29 03:09 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-10-29 03:09 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 19:26 . 2014-10-29 19:26 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-29 19:26 . 2014-10-29 19:26 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-10-29 18:55 . 2010-06-24 11:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-28 05:34 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-10-23 30524000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-02 343168]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-01-06 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-10-31 5223016]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 0263551414571963mcinstcleanup;McAfee Application Installer Cleanup (0263551414571963);c:\users\Lenovo\AppData\Local\Temp\026355~1.EXE;c:\users\Lenovo\AppData\Local\Temp\026355~1.EXE [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys;c:\windows\SYSNATIVE\Drivers\vm2uvcflt.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-10-28 21:16 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-01-06 22:22 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-01-06 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-01-06 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-01-06 5908928]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 84.21.109.1 84.16.96.2
FF - ProfilePath - c:\users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-10-31 22:02:58
ComboFix-quarantined-files.txt 2014-10-31 21:02
.
Před spuštěním: Volných bajtů: 143 474 196 480
Po spuštění: Volných bajtů: 144 638 791 680
.
- - End Of File - - 020A0D4CD390C77BC6FF85CC2717D664

#18 Příspěvek od **Márty84** » 01 lis 2014 05:19

Nez budu mazat, zkuste, jestli to uvidi Revo http://www.stahuj.centrum.cz/utility_a_ ... installer/

Defender vypnete trvale, bezi zbytecne

Dubinek · #19 Příspěvek od **Dubinek** » 01 lis 2014 11:54

Chrome jsem znovu nainstaloval, jakou mám tedy zvolit metodu oddinstalace (bezpečnou, vestavěnou, přiměřenou, pokročilou) ?

tu řešili stejný problém v diskuzi, zatím nevyřešili:
http://mujsoubor.cz/poradna/google-chro ... -nereaguje

Revo my nenašel spoustu programů, ale zase našel pár těch co nikdo jiný:
http://leteckaposta.cz/274104218 programy po spuštění-groove monitor, netuším k čemu to je dobrý

napadla mě ještě jedna věc, nová verze chrome nefunguje už od začátku přeinstalace, ta starší verze (myslím 12) nebo tak nějak fungovala, ale nic pořádnýho se v ní nedalo dělat(zastaralá, je možné že by to blokoval nějaký software od Lenova ?

nebo je zase možný že tam ze zálohy na HDD přeskočil nějaký sajrajt

#20 Příspěvek od **Márty84** » 01 lis 2014 15:21

Dubinek píše:Chrome jsem znovu nainstaloval, jakou mám tedy zvolit metodu oddinstalace (bezpečnou, vestavěnou, přiměřenou, pokročilou) ?

To je fuk, treba bezpecnou.

Dubinek píše:tu řešili stejný problém v diskuzi, zatím nevyřešili:

A nejspis ani nevyresi, neni to tak snadne

Dubinek píše:napadla mě ještě jedna věc, nová verze chrome nefunguje už od začátku přeinstalace, ta starší verze (myslím 12) nebo tak nějak fungovala, ale nic pořádnýho se v ní nedalo dělat(zastaralá, je možné že by to blokoval nějaký software od Lenova ?

Od lenova asi ne, to by melo problemy mnohem vic lidi. Zkuste pak nejakou novejsi verzi nez 12, ale ne tu uplne nejnovejsi, treba zatim pobezi.

Dubinek píše:nebo je zase možný že tam ze zálohy na HDD přeskočil nějaký sajrajt

Mozne je uplne vsechno, ale havet a smeti pomalu likvidujem, takze tuhle moznost budeme moct vyloucit

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

File::
c:\windows\system32\drivers\MBAMSwissArmy.sys
c:\windows\system32\drivers\mwac.sys
c:\windows\system32\drivers\mbamchameleon.sys
c:\windows\system32\drivers\mbam.sys
c:\windows\zoek-delete.exe

Folder::
c:\program files (x86)\Malwarebytes Anti-Malware
C:\zoek_backup

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=-
"Skype"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"GrooveMonitor"=-

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
0263551414571963mcinstcleanup
SkypeUpdate
MBAMService
MBAMProtector
MBAMSwissArmy
MBAMWebAccessControl

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

Dubinek · #21 Příspěvek od **Dubinek** » 01 lis 2014 19:25

ComboFix 14-10-29.01 - Lenovo 01.11.2014 18:52:09.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4040.2325 [GMT 1:00]
Spuštěný z: c:\users\Lenovo\Desktop\xyz.exe.exe
Použité ovládací přepínače :: c:\users\Lenovo\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\mbam.sys"
"c:\windows\system32\drivers\mbamchameleon.sys"
"c:\windows\system32\drivers\MBAMSwissArmy.sys"
"c:\windows\system32\drivers\mwac.sys"
"c:\windows\zoek-delete.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Malwarebytes Anti-Malware
c:\program files (x86)\Malwarebytes Anti-Malware\7z.dll
c:\program files (x86)\Malwarebytes Anti-Malware\accessible\qtaccessiblewidgets4.dll
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.com
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.pif
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\firefox.scr
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\iexplore.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.com
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.pif
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-chameleon.scr
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\mbam-killer.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\rundll32.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\windows.exe
c:\program files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
c:\program files (x86)\Malwarebytes Anti-Malware\changes.txt
c:\program files (x86)\Malwarebytes Anti-Malware\imageformats\qgif4.dll
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_ar.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_bg.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_ca.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_cs.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_da.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_de.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_el.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_en.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_es.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_et.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_fi.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_fr.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_he.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_hu.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_id.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_it.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_ja.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_ko.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_lt.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_lv.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_nl.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_no.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_pl.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_pt_BR.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_pt_PT.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_ro.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_ru.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_sk.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_sl.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_sv.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_th.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_tr.qm
c:\program files (x86)\Malwarebytes Anti-Malware\Languages\lang_vi.qm
c:\program files (x86)\Malwarebytes Anti-Malware\license.rtf
c:\program files (x86)\Malwarebytes Anti-Malware\master.conf
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.dll
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamcore.dll
c:\program files (x86)\Malwarebytes Anti-Malware\mbamdor.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamext.dll
c:\program files (x86)\Malwarebytes Anti-Malware\mbampt.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
c:\program files (x86)\Malwarebytes Anti-Malware\msvcp100.dll
c:\program files (x86)\Malwarebytes Anti-Malware\msvcr100.dll
c:\program files (x86)\Malwarebytes Anti-Malware\Plugins\fixdamage.exe
c:\program files (x86)\Malwarebytes Anti-Malware\QtCore4.dll
c:\program files (x86)\Malwarebytes Anti-Malware\QtGui4.dll
c:\program files (x86)\Malwarebytes Anti-Malware\QtNetwork4.dll
c:\program files (x86)\Malwarebytes Anti-Malware\unins000.dat
c:\program files (x86)\Malwarebytes Anti-Malware\unins000.exe
C:\xyz.exe
c:\xyz.exe\grep.3XE
c:\xyz.exe\N_\19225
C:\zoek_backup
c:\zoek_backup\C_PROGRA~3_OneKey Recovery\SSStatus.ini
c:\zoek_backup\C_Users_Public_Desktop_Freemake Video Downloader.lnk.vir
c:\zoek_backup\restore.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MBAMPROTECTOR
-------\Legacy_MBAMSWISSARMY
-------\Legacy_MBAMWEBACCESSCONTROL
-------\Service_0263551414571963mcinstcleanup
-------\Service_MBAMProtector
-------\Service_MBAMService
-------\Service_MBAMSwissArmy
-------\Service_MBAMWebAccessControl
-------\Service_SkypeUpdate
-------\Service_MBAMScheduler
-------\Service_MBAMScheduler
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-10-01 do 2014-11-01 )))))))))))))))))))))))))))))))
.
.
2014-11-01 17:59 . 2014-11-01 17:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-11-01 10:19 . 2014-11-01 10:19 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-10-31 16:03 . 2014-11-01 17:12 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-31 16:03 . 2014-10-01 10:11 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-10-31 16:03 . 2014-10-01 10:11 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-31 16:03 . 2014-10-01 10:11 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-10-31 15:37 . 2014-10-31 15:38 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2014-10-31 13:40 . 2014-10-20 02:37 11627712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3630B429-A386-4616-A178-D042838735E0}\mpengine.dll
2014-10-31 13:10 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-10-31 13:10 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2014-10-31 13:08 . 2014-10-31 13:08 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-10-30 15:36 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-10-30 15:36 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-10-30 15:36 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2014-10-30 15:36 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2014-10-29 20:15 . 2014-10-29 20:15 -------- d--h--w- c:\programdata\CanonBJ
2014-10-29 20:14 . 2009-07-14 01:40 84992 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
2014-10-29 19:51 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-10-29 19:51 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-10-29 19:51 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-10-29 19:51 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-10-29 19:51 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-10-29 19:43 . 2014-10-29 19:43 -------- d-----w- c:\windows\Migration
2014-10-29 19:34 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2014-10-29 19:23 . 2014-10-29 19:23 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-29 18:54 . 2014-10-29 18:54 -------- d-s---w- c:\windows\system32\CompatTel
2014-10-29 18:54 . 2014-10-29 18:54 -------- d-----w- c:\windows\SysWow64\Wat
2014-10-29 18:54 . 2014-10-29 18:54 -------- d-----w- c:\windows\system32\Wat
2014-10-29 17:22 . 2014-10-29 17:22 -------- d-----w- C:\d41a19c517de77a45e999255b4
2014-10-29 16:47 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-10-29 16:47 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2014-10-29 16:29 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2014-10-29 16:11 . 2014-10-29 16:11 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-10-29 16:11 . 2014-10-29 16:12 -------- d-----r- c:\program files (x86)\Skype
2014-10-29 16:11 . 2014-10-29 16:12 -------- d-----w- c:\programdata\Skype
2014-10-29 15:50 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-10-29 15:50 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-10-29 15:50 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-10-29 15:50 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-10-29 15:50 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-10-29 15:50 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-10-29 15:50 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-10-29 15:37 . 2014-10-29 15:37 -------- d-----w- c:\program files\Microsoft Silverlight
2014-10-29 15:37 . 2014-10-29 15:37 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-10-29 15:02 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2014-10-29 15:02 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2014-10-29 15:02 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2014-10-29 14:49 . 2014-10-29 14:53 -------- d-----w- c:\windows\system32\MRT
2014-10-29 14:47 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-10-29 14:47 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-10-29 14:47 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-10-29 14:47 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-10-29 14:47 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-10-29 14:47 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-10-29 14:46 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-10-29 14:46 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-10-29 12:33 . 2014-10-29 15:41 -------- d-----w- c:\program files (x86)\Microsoft Works
2014-10-29 09:39 . 2014-10-29 09:57 -------- d-----w- c:\programdata\Freemake
2014-10-29 09:39 . 2014-10-29 09:39 -------- d-----w- c:\program files (x86)\Freemake
2014-10-29 08:48 . 2014-10-29 08:48 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-10-29 08:36 . 2014-10-29 08:36 -------- d-----w- c:\program files\CCleaner
2014-10-29 07:49 . 2014-10-29 07:49 -------- d-----w- c:\windows\SysWow64\drivers\sk-SK
2014-10-29 07:49 . 2014-10-29 07:49 -------- d-----w- c:\windows\sk-SK
2014-10-29 07:49 . 2014-10-29 07:49 -------- d-----w- c:\windows\system32\drivers\sk-SK
2014-10-29 03:23 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2014-10-29 03:23 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2014-10-29 03:16 . 2013-10-30 02:32 335360 ----a-w- c:\windows\system32\msieftp.dll
2014-10-29 03:16 . 2013-10-30 02:19 301568 ----a-w- c:\windows\SysWow64\msieftp.dll
2014-10-29 03:16 . 2014-01-28 02:32 228864 ----a-w- c:\windows\system32\wwansvc.dll
2014-10-29 03:16 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2014-10-29 03:16 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2014-10-29 03:16 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2014-10-29 03:16 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2014-10-29 03:16 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2014-10-29 03:16 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2014-10-29 03:16 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2014-10-29 03:16 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2014-10-29 03:16 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2014-10-29 03:15 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2014-10-29 03:15 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2014-10-29 03:13 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2014-10-29 03:13 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2014-10-29 03:13 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2014-10-29 03:13 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2014-10-29 03:12 . 2014-06-03 10:02 1719296 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2014-10-29 03:12 . 2014-06-03 10:02 1354240 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-10-29 03:12 . 2014-06-03 10:02 1389568 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2014-10-29 03:12 . 2014-06-03 10:02 1380864 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2014-10-29 03:11 . 2014-06-03 09:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-10-29 03:11 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-10-29 03:11 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-10-29 03:11 . 2014-09-29 00:58 3198976 ----a-w- c:\windows\system32\win32k.sys
2014-10-29 03:11 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2014-10-29 03:11 . 2011-11-17 05:35 314880 ----a-w- c:\windows\SysWow64\webio.dll
2014-10-29 03:11 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-10-29 03:11 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-10-29 03:10 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll
2014-10-29 03:10 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll
2014-10-29 03:10 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll
2014-10-29 03:10 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
2014-10-29 03:10 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll
2014-10-29 03:10 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll
2014-10-29 03:10 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2014-10-29 03:09 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2014-10-29 03:09 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2014-10-29 03:09 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2014-10-29 03:09 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2014-10-29 03:09 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2014-10-29 03:09 . 2014-01-29 02:32 484864 ----a-w- c:\windows\system32\wer.dll
2014-10-29 03:09 . 2014-01-29 02:06 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-10-29 03:09 . 2013-10-19 02:18 81408 ----a-w- c:\windows\system32\imagehlp.dll
2014-10-29 03:09 . 2013-10-19 01:36 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2014-10-29 03:09 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-10-29 03:09 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-10-29 03:09 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-10-29 03:08 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2014-10-29 03:08 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2014-10-29 03:08 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-10-29 03:08 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-10-29 03:08 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-10-29 03:08 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-10-29 03:08 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-10-29 03:08 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-10-29 03:08 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-10-29 03:08 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-29 19:26 . 2014-10-29 19:26 208384 ----a-w- c:\windows\SysWow64\webcheck.dll
2014-10-29 19:26 . 2014-10-29 19:26 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-10-29 18:55 . 2010-06-24 11:33 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-10-28 05:34 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-02-18 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-02 343168]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"UpdateP2GShortCut"="c:\program files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2010-07-26 222504]
"YouCam Mirage"="c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe" [2011-01-28 136488]
"YouCam Tray"="c:\program files (x86)\Lenovo\YouCam\YouCam.exe" [2011-01-28 228448]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-01-06 329056]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-10-31 5223016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-12-14 1133856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys;c:\windows\SYSNATIVE\Drivers\vm2uvcflt.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-10-28 21:16 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-01-06 22:22 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-01-06 114688]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-01-06 9753024]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-01-06 5908928]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 84.21.109.1 84.16.96.2
FF - ProfilePath - c:\users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Malwarebytes Anti-Malware_is1 - c:\program files (x86)\Malwarebytes Anti-Malware\unins000.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-11-01 19:10:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-11-01 18:10
ComboFix2.txt 2014-10-31 21:02
.
Před spuštěním: Volných bajtů: 143 315 386 368
Po spuštění: Volných bajtů: 142 935 965 696
.
- - End Of File - - BF9CE977360B4FB945F6C4BAD1BD2E0A

#22 Příspěvek od **Márty84** » 01 lis 2014 22:05

Dejte novy log z RSIT

Dubinek · #23 Příspěvek od **Dubinek** » 01 lis 2014 22:32

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-11-01 22:30:18
WIN_7 Service Pack 1
System drive C: has 136 GB (31%) free of 432 GB
Total RAM: 4040 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:22, on 1.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9441 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-28 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-28 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-28 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-28 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-01-06 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-01-06 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-01-06 5908928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-02 343168]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [2010-01-19 536576]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-01-06 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-31 5223016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

#24 Příspěvek od **Márty84** » 01 lis 2014 23:26

Log neni cely

Dubinek · #25 Příspěvek od **Dubinek** » 01 lis 2014 23:35

ajo omlouvám se,

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenovo at 2014-11-01 22:30:18
WIN_7 Service Pack 1
System drive C: has 136 GB (31%) free of 432 GB
Total RAM: 4040 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:30:22, on 1.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Lenovo.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9441 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-28 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-10-28 705448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-28 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-10-28 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Lenovo EE Boot Optimizer"=C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [2012-01-06 114688]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2012-01-06 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2012-01-06 5908928]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-11-02 343168]
"332BigDog"=C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [2010-01-19 536576]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2010-07-26 222504]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2011-01-29 228448]
"VeriFaceManager"=C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2012-01-06 329056]
"UpdatePRCShortCut"=C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [2009-05-13 222504]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-10-31 5223016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-11-01 19:10:11 ----A---- C:\ComboFix.txt
2014-11-01 19:04:59 ----SHD---- C:\$RECYCLE.BIN
2014-11-01 11:19:09 ----D---- C:\Program Files (x86)\VS Revo Group
2014-10-31 21:49:43 ----A---- C:\windows\zip.exe
2014-10-31 21:49:43 ----A---- C:\windows\SWSC.exe
2014-10-31 21:49:43 ----A---- C:\windows\SWREG.exe
2014-10-31 21:49:43 ----A---- C:\windows\sed.exe
2014-10-31 21:49:43 ----A---- C:\windows\PEV.exe
2014-10-31 21:49:43 ----A---- C:\windows\NIRCMD.exe
2014-10-31 21:49:43 ----A---- C:\windows\MBR.exe
2014-10-31 21:49:43 ----A---- C:\windows\grep.exe
2014-10-31 21:49:29 ----D---- C:\Qoobox
2014-10-31 21:49:09 ----D---- C:\windows\erdnt
2014-10-31 17:03:35 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-31 17:03:12 ----A---- C:\windows\system32\drivers\mwac.sys
2014-10-31 17:03:12 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-10-31 17:03:12 ----A---- C:\windows\system32\drivers\mbam.sys
2014-10-31 16:37:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 14:10:29 ----A---- C:\windows\system32\msmpeg2vdec.dll
2014-10-31 14:10:28 ----A---- C:\windows\SYSWOW64\msmpeg2vdec.dll
2014-10-30 16:40:41 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2014-10-30 16:40:40 ----A---- C:\windows\system32\WMPhoto.dll
2014-10-30 16:40:40 ----A---- C:\windows\system32\d3d10warp.dll
2014-10-30 16:40:39 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2014-10-30 16:40:36 ----A---- C:\windows\SYSWOW64\KBDYAK.DLL
2014-10-30 16:40:36 ----A---- C:\windows\SYSWOW64\KBDTAT.DLL
2014-10-30 16:40:36 ----A---- C:\windows\SYSWOW64\KBDRU1.DLL
2014-10-30 16:40:36 ----A---- C:\windows\SYSWOW64\KBDRU.DLL
2014-10-30 16:40:36 ----A---- C:\windows\SYSWOW64\KBDBASH.DLL
2014-10-30 16:40:36 ----A---- C:\windows\system32\KBDTAT.DLL
2014-10-30 16:40:35 ----A---- C:\windows\system32\KBDYAK.DLL
2014-10-30 16:40:35 ----A---- C:\windows\system32\KBDRU1.DLL
2014-10-30 16:40:35 ----A---- C:\windows\system32\KBDRU.DLL
2014-10-30 16:40:35 ----A---- C:\windows\system32\KBDBASH.DLL
2014-10-30 16:40:34 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-10-30 16:40:32 ----A---- C:\windows\system32\d2d1.dll
2014-10-30 16:40:31 ----A---- C:\windows\SYSWOW64\d2d1.dll
2014-10-30 16:36:51 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-10-30 16:36:51 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-10-30 16:36:48 ----A---- C:\windows\system32\spoolsv.exe
2014-10-30 16:36:47 ----A---- C:\windows\splwow64.exe
2014-10-29 21:15:01 ----HD---- C:\ProgramData\CanonBJ
2014-10-29 20:51:23 ----A---- C:\windows\system32\wmploc.DLL
2014-10-29 20:51:22 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2014-10-29 20:51:22 ----A---- C:\windows\SYSWOW64\wmp.dll
2014-10-29 20:51:20 ----A---- C:\windows\system32\wmp.dll
2014-10-29 20:45:51 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2014-10-29 20:43:14 ----D---- C:\windows\Migration
2014-10-29 20:34:46 ----A---- C:\windows\system32\IEUDINIT.EXE
2014-10-29 20:26:14 ----A---- C:\windows\SYSWOW64\elshyph.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\RegisterIEPKEYs.exe
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\msls31.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\jsIntl.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-10-29 20:26:08 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-10-29 20:26:08 ----A---- C:\windows\system32\elshyph.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\wextract.exe
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\webcheck.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\url.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\pngfilt.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\occache.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\mshta.exe
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\msfeedssync.exe
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\licmgr10.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\jscript.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\inseng.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\imgutil.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\iexpress.exe
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\iepeers.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\ieapfltr.dat
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\IEAdvpack.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\icardie.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-10-29 20:26:07 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-10-29 20:26:06 ----A---- C:\windows\SYSWOW64\SetIEInstalledDate.exe
2014-10-29 20:26:06 ----A---- C:\windows\SYSWOW64\mshtmler.dll
2014-10-29 20:26:06 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-10-29 20:26:06 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-10-29 20:26:06 ----A---- C:\windows\SYSWOW64\iesysprep.dll
2014-10-29 20:26:06 ----A---- C:\windows\system32\urlmon.dll
2014-10-29 20:26:06 ----A---- C:\windows\system32\RegisterIEPKEYs.exe
2014-10-29 20:26:06 ----A---- C:\windows\system32\msls31.dll
2014-10-29 20:26:06 ----A---- C:\windows\system32\jsIntl.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\wininet.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\wextract.exe
2014-10-29 20:26:05 ----A---- C:\windows\system32\webcheck.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\vbscript.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\url.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\SetIEInstalledDate.exe
2014-10-29 20:26:05 ----A---- C:\windows\system32\msrating.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\mshtmler.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\mshtmled.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\msfeedssync.exe
2014-10-29 20:26:05 ----A---- C:\windows\system32\msfeedsbs.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\msfeeds.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\licmgr10.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\jsproxy.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\jscript9diag.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\jscript9.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\inseng.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\iexpress.exe
2014-10-29 20:26:05 ----A---- C:\windows\system32\ieui.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\iesysprep.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\iesetup.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\iertutil.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\iernonce.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\ieframe.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\iedkcs32.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\ieapfltr.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\ieapfltr.dat
2014-10-29 20:26:05 ----A---- C:\windows\system32\IEAdvpack.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\ie4uinit.exe
2014-10-29 20:26:05 ----A---- C:\windows\system32\icardie.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\dxtrans.dll
2014-10-29 20:26:05 ----A---- C:\windows\system32\dxtmsft.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\pngfilt.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\occache.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\MshtmlDac.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\mshtml.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\mshta.exe
2014-10-29 20:26:04 ----A---- C:\windows\system32\jscript.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\imgutil.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\ieUnatt.exe
2014-10-29 20:26:04 ----A---- C:\windows\system32\iepeers.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-10-29 20:26:04 ----A---- C:\windows\system32\ieetwcollector.exe
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-29 20:23:29 ----AH---- C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-29 20:23:29 ----A---- C:\windows\SYSWOW64\XpsPrint.dll
2014-10-29 20:23:29 ----A---- C:\windows\SYSWOW64\XpsGdiConverter.dll
2014-10-29 20:23:29 ----A---- C:\windows\SYSWOW64\DWrite.dll
2014-10-29 20:23:29 ----A---- C:\windows\system32\XpsPrint.dll
2014-10-29 20:23:29 ----A---- C:\windows\system32\XpsGdiConverter.dll
2014-10-29 20:23:29 ----A---- C:\windows\system32\dxgi.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\WindowsCodecsExt.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\UIAnimation.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\dxgi.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\d3d10level9.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\d3d10core.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\d3d10_1core.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\d3d10_1.dll
2014-10-29 20:23:28 ----A---- C:\windows\SYSWOW64\d3d10.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\WindowsCodecsExt.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\UIAnimation.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\FntCache.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\DWrite.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\d3d10level9.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\d3d10core.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\d3d10_1core.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\d3d10_1.dll
2014-10-29 20:23:28 ----A---- C:\windows\system32\d3d10.dll
2014-10-29 19:54:42 ----SD---- C:\windows\system32\CompatTel
2014-10-29 19:54:42 ----D---- C:\windows\SYSWOW64\Wat
2014-10-29 19:54:42 ----D---- C:\windows\system32\Wat
2014-10-29 18:22:12 ----D---- C:\d41a19c517de77a45e999255b4
2014-10-29 17:29:35 ----A---- C:\windows\system32\browserchoice.exe
2014-10-29 17:12:52 ----D---- C:\Users\Lenovo\AppData\Roaming\Skype
2014-10-29 17:11:46 ----RD---- C:\Program Files (x86)\Skype
2014-10-29 17:11:41 ----D---- C:\ProgramData\Skype
2014-10-29 16:50:12 ----A---- C:\windows\system32\drivers\WUDFRd.sys
2014-10-29 16:50:12 ----A---- C:\windows\system32\drivers\WUDFPf.sys
2014-10-29 16:50:11 ----A---- C:\windows\system32\WUDFSvc.dll
2014-10-29 16:50:11 ----A---- C:\windows\system32\WUDFPlatform.dll
2014-10-29 16:50:09 ----A---- C:\windows\system32\WUDFHost.exe
2014-10-29 16:50:09 ----A---- C:\windows\system32\WUDFCoinstaller.dll
2014-10-29 16:50:08 ----A---- C:\windows\system32\WUDFx.dll
2014-10-29 16:37:04 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-29 16:37:04 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-29 16:02:40 ----A---- C:\windows\system32\drivers\fs_rec.sys
2014-10-29 16:02:38 ----A---- C:\windows\SYSWOW64\wmi.dll
2014-10-29 16:02:38 ----A---- C:\windows\system32\wmi.dll
2014-10-29 15:57:20 ----D---- C:\Config.Msi
2014-10-29 15:49:57 ----D---- C:\windows\system32\MRT
2014-10-29 15:49:51 ----A---- C:\windows\system32\MRT.exe
2014-10-29 15:47:23 ----A---- C:\windows\SYSWOW64\infocardapi.dll
2014-10-29 15:47:23 ----A---- C:\windows\system32\infocardapi.dll
2014-10-29 15:47:22 ----A---- C:\windows\SYSWOW64\icardagt.exe
2014-10-29 15:47:22 ----A---- C:\windows\system32\icardagt.exe
2014-10-29 15:47:20 ----A---- C:\windows\SYSWOW64\icardres.dll
2014-10-29 15:47:20 ----A---- C:\windows\system32\icardres.dll
2014-10-29 15:46:47 ----A---- C:\windows\SYSWOW64\TsWpfWrp.exe
2014-10-29 15:46:47 ----A---- C:\windows\system32\TsWpfWrp.exe
2014-10-29 13:33:25 ----D---- C:\Program Files (x86)\Microsoft Works
2014-10-29 13:32:58 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2014-10-29 13:31:10 ----D---- C:\Program Files\Microsoft Office
2014-10-29 13:31:05 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-29 13:29:58 ----D---- C:\ProgramData\Microsoft Help
2014-10-29 13:29:33 ----RD---- C:\MSOCache
2014-10-29 12:38:05 ----A---- C:\windows\zoek-delete.exe
2014-10-29 12:38:04 ----D---- C:\windows\Temp
2014-10-29 11:29:37 ----D---- C:\windows\ERUNT
2014-10-29 11:17:49 ----D---- C:\AdwCleaner
2014-10-29 11:08:11 ----SD---- C:\windows\SYSWOW64\Microsoft
2014-10-29 10:51:58 ----D---- C:\rsit
2014-10-29 10:51:58 ----D---- C:\Program Files\trend micro
2014-10-29 10:45:19 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-29 10:39:52 ----D---- C:\ProgramData\Freemake
2014-10-29 10:39:40 ----D---- C:\Program Files (x86)\Freemake
2014-10-29 09:48:39 ----D---- C:\Program Files (x86)\Adobe
2014-10-29 09:46:49 ----D---- C:\ProgramData\Adobe
2014-10-29 09:36:52 ----D---- C:\Program Files\CCleaner
2014-10-29 09:02:17 ----A---- C:\windows\ntbtlog.txt
2014-10-29 08:49:33 ----D---- C:\windows\SYSWOW64\drivers\sk-SK
2014-10-29 08:49:33 ----D---- C:\windows\sk-SK
2014-10-29 08:49:31 ----D---- C:\windows\system32\drivers\sk-SK
2014-10-29 08:43:41 ----D---- C:\windows\pss
2014-10-29 04:23:40 ----A---- C:\windows\SYSWOW64\poqexec.exe
2014-10-29 04:23:40 ----A---- C:\windows\system32\poqexec.exe
2014-10-29 04:16:54 ----A---- C:\windows\SYSWOW64\msieftp.dll
2014-10-29 04:16:54 ----A---- C:\windows\system32\msieftp.dll
2014-10-29 04:16:53 ----A---- C:\windows\system32\wwansvc.dll
2014-10-29 04:16:53 ----A---- C:\windows\system32\wwanprotdim.dll
2014-10-29 04:16:52 ----A---- C:\windows\system32\comctl32.dll
2014-10-29 04:16:51 ----A---- C:\windows\SYSWOW64\comctl32.dll
2014-10-29 04:16:32 ----A---- C:\windows\SYSWOW64\dhcpcore6.dll
2014-10-29 04:16:32 ----A---- C:\windows\system32\dhcpcsvc6.dll
2014-10-29 04:16:32 ----A---- C:\windows\system32\dhcpcore6.dll
2014-10-29 04:16:31 ----A---- C:\windows\SYSWOW64\dhcpcsvc6.dll
2014-10-29 04:15:23 ----A---- C:\windows\system32\wintrust.dll
2014-10-29 04:15:22 ----A---- C:\windows\SYSWOW64\wintrust.dll
2014-10-29 04:13:38 ----A---- C:\windows\SYSWOW64\quartz.dll
2014-10-29 04:13:38 ----A---- C:\windows\system32\quartz.dll
2014-10-29 04:13:32 ----A---- C:\windows\SYSWOW64\ntshrui.dll
2014-10-29 04:13:32 ----A---- C:\windows\system32\ntshrui.dll
2014-10-29 04:11:58 ----A---- C:\windows\system32\usp10.dll
2014-10-29 04:11:57 ----A---- C:\windows\SYSWOW64\usp10.dll
2014-10-29 04:11:56 ----A---- C:\windows\system32\win32k.sys
2014-10-29 04:11:47 ----A---- C:\windows\SYSWOW64\webio.dll
2014-10-29 04:11:47 ----A---- C:\windows\system32\webio.dll
2014-10-29 04:11:38 ----A---- C:\windows\system32\TSWorkspace.dll
2014-10-29 04:11:37 ----A---- C:\windows\SYSWOW64\TSWorkspace.dll
2014-10-29 04:10:14 ----A---- C:\windows\SYSWOW64\mscorier.dll
2014-10-29 04:10:14 ----A---- C:\windows\SYSWOW64\dfshim.dll
2014-10-29 04:10:14 ----A---- C:\windows\system32\mscorier.dll
2014-10-29 04:10:13 ----A---- C:\windows\SYSWOW64\mscories.dll
2014-10-29 04:10:13 ----A---- C:\windows\system32\mscories.dll
2014-10-29 04:10:13 ----A---- C:\windows\system32\dfshim.dll
2014-10-29 04:10:03 ----A---- C:\windows\system32\crypt32.dll
2014-10-29 04:09:58 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2014-10-29 04:09:58 ----A---- C:\windows\SYSWOW64\crypt32.dll
2014-10-29 04:09:58 ----A---- C:\windows\system32\cryptsvc.dll
2014-10-29 04:09:58 ----A---- C:\windows\system32\cryptnet.dll
2014-10-29 04:09:57 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2014-10-29 04:09:33 ----A---- C:\windows\SYSWOW64\wer.dll
2014-10-29 04:09:33 ----A---- C:\windows\system32\wer.dll
2014-10-29 04:09:31 ----A---- C:\windows\SYSWOW64\imagehlp.dll
2014-10-29 04:09:31 ----A---- C:\windows\system32\imagehlp.dll
2014-10-29 04:09:27 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-10-29 04:09:27 ----A---- C:\windows\system32\drivers\netio.sys
2014-10-29 04:09:27 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-10-29 04:08:43 ----A---- C:\windows\system32\msxml6.dll
2014-10-29 04:08:42 ----A---- C:\windows\system32\msxml3.dll
2014-10-29 04:08:41 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-10-29 04:08:41 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-10-29 04:08:41 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-10-29 04:08:41 ----A---- C:\windows\system32\msxml6r.dll
2014-10-29 04:08:40 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-10-29 04:08:40 ----A---- C:\windows\system32\msxml3r.dll
2014-10-29 04:07:06 ----A---- C:\windows\system32\drivers\portcls.sys
2014-10-29 04:07:06 ----A---- C:\windows\system32\drivers\drmk.sys
2014-10-29 04:06:58 ----A---- C:\windows\SYSWOW64\osk.exe
2014-10-29 04:06:58 ----A---- C:\windows\system32\osk.exe
2014-10-29 04:06:38 ----A---- C:\windows\system32\drivers\ataport.sys
2014-10-29 04:06:20 ----A---- C:\windows\SYSWOW64\SmartcardCredentialProvider.dll
2014-10-29 04:06:20 ----A---- C:\windows\SYSWOW64\credui.dll
2014-10-29 04:06:20 ----A---- C:\windows\system32\SmartcardCredentialProvider.dll
2014-10-29 04:06:20 ----A---- C:\windows\system32\credui.dll
2014-10-29 04:05:58 ----A---- C:\windows\system32\atmfd.dll
2014-10-29 04:05:57 ----A---- C:\windows\SYSWOW64\atmlib.dll
2014-10-29 04:05:57 ----A---- C:\windows\SYSWOW64\atmfd.dll
2014-10-29 04:05:57 ----A---- C:\windows\system32\lpk.dll
2014-10-29 04:05:57 ----A---- C:\windows\system32\dciman32.dll
2014-10-29 04:05:57 ----A---- C:\windows\system32\atmlib.dll
2014-10-29 04:05:56 ----A---- C:\windows\SYSWOW64\lpk.dll
2014-10-29 04:05:56 ----A---- C:\windows\SYSWOW64\fontsub.dll
2014-10-29 04:05:56 ----A---- C:\windows\SYSWOW64\dciman32.dll
2014-10-29 04:05:56 ----A---- C:\windows\system32\fontsub.dll
2014-10-29 04:05:53 ----A---- C:\windows\system32\RMActivate_isv.exe
2014-10-29 04:05:53 ----A---- C:\windows\system32\RMActivate.exe
2014-10-29 04:05:52 ----A---- C:\windows\SYSWOW64\RMActivate_isv.exe
2014-10-29 04:05:50 ----A---- C:\windows\SYSWOW64\RMActivate.exe
2014-10-29 04:05:48 ----A---- C:\windows\SYSWOW64\secproc_isv.dll
2014-10-29 04:05:48 ----A---- C:\windows\SYSWOW64\RMActivate_ssp_isv.exe
2014-10-29 04:05:48 ----A---- C:\windows\SYSWOW64\RMActivate_ssp.exe
2014-10-29 04:05:48 ----A---- C:\windows\system32\secproc_isv.dll
2014-10-29 04:05:48 ----A---- C:\windows\system32\RMActivate_ssp_isv.exe
2014-10-29 04:05:48 ----A---- C:\windows\system32\RMActivate_ssp.exe
2014-10-29 04:05:47 ----A---- C:\windows\SYSWOW64\secproc.dll
2014-10-29 04:05:47 ----A---- C:\windows\system32\secproc.dll
2014-10-29 04:05:47 ----A---- C:\windows\system32\msdrm.dll
2014-10-29 04:05:46 ----A---- C:\windows\SYSWOW64\secproc_ssp_isv.dll
2014-10-29 04:05:46 ----A---- C:\windows\SYSWOW64\secproc_ssp.dll
2014-10-29 04:05:46 ----A---- C:\windows\SYSWOW64\msdrm.dll
2014-10-29 04:05:46 ----A---- C:\windows\system32\secproc_ssp_isv.dll
2014-10-29 04:05:46 ----A---- C:\windows\system32\secproc_ssp.dll
2014-10-29 04:05:20 ----A---- C:\windows\system32\drivers\usbehci.sys
2014-10-29 04:05:19 ----A---- C:\windows\system32\drivers\usbport.sys
2014-10-29 04:05:19 ----A---- C:\windows\system32\drivers\usbhub.sys
2014-10-29 04:05:19 ----A---- C:\windows\system32\drivers\usbd.sys
2014-10-29 04:05:19 ----A---- C:\windows\system32\drivers\usbccgp.sys
2014-10-29 04:05:15 ----A---- C:\windows\system32\d3d11.dll
2014-10-29 04:05:14 ----A---- C:\windows\SYSWOW64\d3d11.dll
2014-10-29 04:05:12 ----A---- C:\windows\system32\drivers\ndis.sys
2014-10-29 04:05:11 ----A---- C:\windows\system32\drivers\RNDISMP.sys
2014-10-29 04:05:02 ----A---- C:\windows\system32\qedit.dll
2014-10-29 04:05:01 ----A---- C:\windows\SYSWOW64\qedit.dll
2014-10-29 04:04:37 ----A---- C:\windows\system32\WMVDECOD.DLL
2014-10-29 04:04:36 ----A---- C:\windows\SYSWOW64\WMVDECOD.DLL
2014-10-29 04:04:34 ----A---- C:\windows\system32\drivers\usb8023.sys
2014-10-29 04:04:21 ----A---- C:\windows\system32\drivers\afd.sys
2014-10-29 04:04:20 ----A---- C:\windows\system32\Wdfres.dll
2014-10-29 04:04:20 ----A---- C:\windows\system32\drivers\WdfLdr.sys
2014-10-29 04:04:20 ----A---- C:\windows\system32\drivers\Wdf01000.sys
2014-10-29 04:04:18 ----A---- C:\windows\system32\drivers\usbvideo.sys
2014-10-29 04:04:18 ----A---- C:\windows\system32\drivers\usbcir.sys
2014-10-29 04:04:06 ----A---- C:\windows\SYSWOW64\ncsi.dll
2014-10-29 04:04:06 ----A---- C:\windows\system32\ncsi.dll
2014-10-29 04:04:05 ----A---- C:\windows\SYSWOW64\nlaapi.dll
2014-10-29 04:04:05 ----A---- C:\windows\SYSWOW64\netcorehc.dll
2014-10-29 04:04:05 ----A---- C:\windows\system32\nlasvc.dll
2014-10-29 04:04:05 ----A---- C:\windows\system32\netcorehc.dll
2014-10-29 04:04:05 ----A---- C:\windows\system32\iphlpsvc.dll
2014-10-29 04:04:04 ----A---- C:\windows\system32\drivers\tcpipreg.sys
2014-10-29 04:04:03 ----A---- C:\windows\SYSWOW64\netevent.dll
2014-10-29 04:04:03 ----A---- C:\windows\system32\nlaapi.dll
2014-10-29 04:04:03 ----A---- C:\windows\system32\netevent.dll
2014-10-29 04:03:34 ----A---- C:\windows\system32\generaltel.dll
2014-10-29 04:03:34 ----A---- C:\windows\system32\aepdu.dll
2014-10-29 04:03:33 ----A---- C:\windows\system32\aeinv.dll
2014-10-29 04:03:32 ----A---- C:\windows\system32\drivers\usbscan.sys
2014-10-29 04:03:32 ----A---- C:\windows\system32\drivers\hidparse.sys
2014-10-29 04:03:32 ----A---- C:\windows\system32\drivers\hidclass.sys
2014-10-29 04:03:29 ----A---- C:\windows\system32\profsvc.dll
2014-10-29 04:02:09 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2014-10-29 04:02:09 ----A---- C:\windows\SYSWOW64\davclnt.dll
2014-10-29 04:02:09 ----A---- C:\windows\system32\WebClnt.dll
2014-10-29 04:02:09 ----A---- C:\windows\system32\drivers\mrxdav.sys
2014-10-29 04:02:09 ----A---- C:\windows\system32\davclnt.dll
2014-10-29 04:02:07 ----A---- C:\windows\SYSWOW64\dpnet.dll
2014-10-29 04:02:07 ----A---- C:\windows\system32\dpnet.dll
2014-10-29 04:01:23 ----A---- C:\windows\system32\ntoskrnl.exe
2014-10-29 04:01:19 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2014-10-29 04:01:18 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2014-10-29 04:01:17 ----A---- C:\windows\system32\objsel.dll
2014-10-29 04:01:17 ----A---- C:\windows\system32\KernelBase.dll
2014-10-29 04:01:15 ----A---- C:\windows\SYSWOW64\objsel.dll
2014-10-29 04:01:14 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2014-10-29 04:01:13 ----A---- C:\windows\SYSWOW64\dimsroam.dll
2014-10-29 04:01:13 ----A---- C:\windows\SYSWOW64\adprovider.dll
2014-10-29 04:01:13 ----A---- C:\windows\system32\smss.exe
2014-10-29 04:01:13 ----A---- C:\windows\system32\dimsroam.dll
2014-10-29 04:01:13 ----A---- C:\windows\system32\cngprovider.dll
2014-10-29 04:01:13 ----A---- C:\windows\system32\adprovider.dll
2014-10-29 04:01:12 ----A---- C:\windows\SYSWOW64\dpapiprovider.dll
2014-10-29 04:01:12 ----A---- C:\windows\SYSWOW64\cngprovider.dll
2014-10-29 04:01:12 ----A---- C:\windows\SYSWOW64\capiprovider.dll
2014-10-29 04:01:12 ----A---- C:\windows\system32\dpapiprovider.dll
2014-10-29 04:01:12 ----A---- C:\windows\system32\capiprovider.dll
2014-10-29 04:01:11 ----A---- C:\windows\SYSWOW64\wincredprovider.dll
2014-10-29 04:01:11 ----A---- C:\windows\system32\wincredprovider.dll
2014-10-29 04:01:11 ----A---- C:\windows\system32\csrsrv.dll
2014-10-29 04:01:01 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2014-10-29 04:01:01 ----A---- C:\windows\system32\apisetschema.dll
2014-10-29 04:00:11 ----A---- C:\windows\system32\OxpsConverter.exe
2014-10-29 03:59:16 ----A---- C:\windows\SYSWOW64\qdvd.dll
2014-10-29 03:59:16 ----A---- C:\windows\system32\qdvd.dll
2014-10-29 03:59:15 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2014-10-29 03:59:15 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2014-10-29 03:59:15 ----A---- C:\windows\system32\cdd.dll
2014-10-29 03:59:09 ----A---- C:\windows\system32\mswsock.dll
2014-10-29 03:59:08 ----A---- C:\windows\SYSWOW64\mswsock.dll
2014-10-29 03:58:57 ----A---- C:\windows\system32\Wpc.dll
2014-10-29 03:58:56 ----A---- C:\windows\system32\gameux.dll
2014-10-29 03:58:55 ----A---- C:\windows\SYSWOW64\Wpc.dll
2014-10-29 03:58:55 ----A---- C:\windows\SYSWOW64\gameux.dll
2014-10-29 03:56:24 ----A---- C:\windows\system32\ntdll.dll
2014-10-29 03:56:24 ----A---- C:\windows\system32\advapi32.dll
2014-10-29 03:56:22 ----A---- C:\windows\SYSWOW64\tdh.dll
2014-10-29 03:56:22 ----A---- C:\windows\SYSWOW64\ntdll.dll
2014-10-29 03:56:22 ----A---- C:\windows\system32\tdh.dll
2014-10-29 03:56:21 ----A---- C:\windows\SYSWOW64\advapi32.dll
2014-10-29 03:56:05 ----A---- C:\windows\system32\drivers\partmgr.sys
2014-10-29 03:54:45 ----A---- C:\windows\system32\msi.dll
2014-10-29 03:54:40 ----A---- C:\windows\SYSWOW64\msi.dll
2014-10-29 03:54:37 ----A---- C:\windows\system32\authui.dll
2014-10-29 03:54:36 ----A---- C:\windows\SYSWOW64\msihnd.dll
2014-10-29 03:54:36 ----A---- C:\windows\SYSWOW64\authui.dll
2014-10-29 03:54:36 ----A---- C:\windows\system32\msihnd.dll
2014-10-29 03:54:36 ----A---- C:\windows\system32\consent.exe
2014-10-29 03:54:36 ----A---- C:\windows\system32\appinfo.dll
2014-10-29 03:54:10 ----A---- C:\windows\system32\drivers\bthport.sys
2014-10-29 03:54:06 ----A---- C:\windows\system32\drivers\storport.sys
2014-10-29 03:54:06 ----A---- C:\windows\system32\drivers\msiscsi.sys
2014-10-29 03:54:06 ----A---- C:\windows\system32\drivers\Diskdump.sys
2014-10-29 03:54:04 ----A---- C:\windows\SYSWOW64\iologmsg.dll
2014-10-29 03:54:04 ----A---- C:\windows\system32\iologmsg.dll
2014-10-29 03:53:18 ----A---- C:\windows\SYSWOW64\synceng.dll
2014-10-29 03:53:18 ----A---- C:\windows\system32\synceng.dll
2014-10-29 03:53:08 ----A---- C:\windows\SYSWOW64\shdocvw.dll
2014-10-29 03:53:08 ----A---- C:\windows\system32\shdocvw.dll
2014-10-29 03:52:31 ----A---- C:\windows\system32\rastls.dll
2014-10-29 03:52:30 ----A---- C:\windows\SYSWOW64\rastls.dll
2014-10-29 03:52:18 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-10-29 03:52:18 ----A---- C:\windows\system32\tzres.dll
2014-10-29 03:51:53 ----A---- C:\windows\SYSWOW64\win32spl.dll
2014-10-29 03:51:53 ----A---- C:\windows\system32\win32spl.dll
2014-10-29 03:51:52 ----A---- C:\windows\system32\taskhost.exe
2014-10-29 03:51:42 ----A---- C:\windows\system32\shell32.dll
2014-10-29 03:51:41 ----A---- C:\windows\SYSWOW64\shell32.dll
2014-10-29 03:51:32 ----A---- C:\windows\SYSWOW64\cryptdlg.dll
2014-10-29 03:51:32 ----A---- C:\windows\system32\cryptdlg.dll
2014-10-29 03:50:30 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-29 03:50:30 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-29 03:50:22 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-10-29 03:50:21 ----A---- C:\windows\system32\schannel.dll
2014-10-29 03:50:21 ----A---- C:\windows\system32\lsasrv.dll
2014-10-29 03:50:20 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-10-29 03:50:20 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-10-29 03:50:20 ----A---- C:\windows\system32\winlogon.exe
2014-10-29 03:50:20 ----A---- C:\windows\system32\mstscax.dll
2014-10-29 03:50:20 ----A---- C:\windows\system32\kerberos.dll
2014-10-29 03:50:19 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-10-29 03:50:19 ----A---- C:\windows\system32\msv1_0.dll
2014-10-29 03:50:16 ----A---- C:\windows\system32\TSpkg.dll
2014-10-29 03:50:16 ----A---- C:\windows\system32\ncrypt.dll
2014-10-29 03:50:15 ----A---- C:\windows\system32\mstsc.exe
2014-10-29 03:50:13 ----A---- C:\windows\system32\termsrv.dll
2014-10-29 03:50:12 ----A---- C:\windows\SYSWOW64\mstsc.exe
2014-10-29 03:50:09 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-10-29 03:50:09 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-10-29 03:50:05 ----A---- C:\windows\system32\wdigest.dll
2014-10-29 03:50:04 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-10-29 03:50:04 ----A---- C:\windows\system32\winsta.dll
2014-10-29 03:50:02 ----A---- C:\windows\system32\drivers\rdpwd.sys
2014-10-29 03:50:00 ----A---- C:\windows\SYSWOW64\winsta.dll
2014-10-29 03:50:00 ----A---- C:\windows\system32\rdrmemptylst.exe
2014-10-29 03:50:00 ----A---- C:\windows\system32\rdpcorekmts.dll
2014-10-29 03:49:59 ----A---- C:\windows\SYSWOW64\aaclient.dll
2014-10-29 03:49:58 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-10-29 03:49:58 ----A---- C:\windows\system32\rdpwsx.dll
2014-10-29 03:49:58 ----A---- C:\windows\system32\drivers\tssecsrv.sys
2014-10-29 03:49:57 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2014-10-29 03:49:57 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-10-29 03:49:57 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-10-29 03:49:57 ----A---- C:\windows\system32\tsgqec.dll
2014-10-29 03:49:57 ----A---- C:\windows\system32\credssp.dll
2014-10-29 03:49:57 ----A---- C:\windows\system32\aaclient.dll
2014-10-29 03:48:47 ----A---- C:\windows\system32\browser.dll
2014-10-29 03:48:47 ----A---- C:\windows\system32\browcli.dll
2014-10-29 03:48:46 ----A---- C:\windows\SYSWOW64\netapi32.dll
2014-10-29 03:48:46 ----A---- C:\windows\SYSWOW64\browcli.dll
2014-10-29 03:48:46 ----A---- C:\windows\system32\netapi32.dll
2014-10-29 03:48:43 ----A---- C:\windows\system32\kernel32.dll
2014-10-29 03:48:41 ----A---- C:\windows\system32\wow64win.dll
2014-10-29 03:48:41 ----A---- C:\windows\system32\wow64.dll
2014-10-29 03:48:40 ----A---- C:\windows\SYSWOW64\setup16.exe
2014-10-29 03:48:40 ----A---- C:\windows\SYSWOW64\kernel32.dll
2014-10-29 03:48:40 ----A---- C:\windows\system32\winsrv.dll
2014-10-29 03:48:40 ----A---- C:\windows\system32\ntvdm64.dll
2014-10-29 03:48:40 ----A---- C:\windows\system32\conhost.exe
2014-10-29 03:48:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-10-29 03:48:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-10-29 03:48:38 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-10-29 03:48:38 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-10-29 03:48:38 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-10-29 03:48:38 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-10-29 03:48:38 ----A---- C:\windows\SYSWOW64\wow32.dll
2014-10-29 03:48:38 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2014-10-29 03:48:38 ----A---- C:\windows\SYSWOW64\instnm.exe
2014-10-29 03:48:38 ----A---- C:\windows\system32\wow64cpu.dll
2014-10-29 03:48:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-10-29 03:48:37 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-10-29 03:48:36 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-10-29 03:48:35 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-10-29 03:48:34 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-10-29 03:48:33 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-10-29 03:48:33 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-10-29 03:48:32 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-10-29 03:48:31 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2014-10-29 03:48:31 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-10-29 03:48:31 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-10-29 03:48:31 ----A---- C:\windows\SYSWOW64\user.exe
2014-10-29 03:48:27 ----A---- C:\windows\system32\drivers\fvevol.sys
2014-10-29 03:48:23 ----A---- C:\windows\SYSWOW64\srclient.dll
2014-10-29 03:48:23 ----A---- C:\windows\system32\srcore.dll
2014-10-29 03:48:21 ----A---- C:\windows\SYSWOW64\msvcrt.dll
2014-10-29 03:48:21 ----A---- C:\windows\system32\msvcrt.dll
2014-10-29 03:48:16 ----A---- C:\windows\system32\drivers\ntfs.sys
2014-10-29 03:48:09 ----A---- C:\windows\SYSWOW64\certutil.exe
2014-10-29 03:48:09 ----A---- C:\windows\system32\certutil.exe
2014-10-29 03:48:05 ----A---- C:\windows\SYSWOW64\certenc.dll
2014-10-29 03:48:05 ----A---- C:\windows\system32\certenc.dll
2014-10-29 03:47:12 ----A---- C:\windows\system32\cscript.exe
2014-10-29 03:47:11 ----A---- C:\windows\SYSWOW64\wscript.exe
2014-10-29 03:47:11 ----A---- C:\windows\system32\scrrun.dll
2014-10-29 03:47:10 ----A---- C:\windows\system32\wscript.exe
2014-10-29 03:47:08 ----A---- C:\windows\SYSWOW64\scrrun.dll
2014-10-29 03:47:06 ----A---- C:\windows\SYSWOW64\cscript.exe
2014-10-29 03:46:50 ----A---- C:\windows\system32\drivers\cng.sys
2014-10-29 03:46:49 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-10-29 03:46:47 ----A---- C:\windows\system32\drivers\ksecdd.sys
2014-10-29 03:46:46 ----A---- C:\windows\system32\sspicli.dll
2014-10-29 03:46:46 ----A---- C:\windows\system32\lsass.exe
2014-10-29 03:46:45 ----A---- C:\windows\system32\secur32.dll
2014-10-29 03:46:44 ----A---- C:\windows\system32\sspisrv.dll
2014-10-29 03:45:57 ----A---- C:\windows\system32\packager.dll
2014-10-29 03:45:56 ----A---- C:\windows\SYSWOW64\packager.dll
2014-10-29 03:45:50 ----A---- C:\windows\system32\localspl.dll
2014-10-29 03:45:42 ----A---- C:\windows\SYSWOW64\gdi32.dll
2014-10-29 03:45:42 ----A---- C:\windows\system32\gdi32.dll
2014-10-29 03:45:39 ----A---- C:\windows\system32\drivers\bowser.sys
2014-10-29 03:45:36 ----A---- C:\windows\SYSWOW64\EncDec.dll
2014-10-29 03:45:36 ----A---- C:\windows\system32\EncDec.dll
2014-10-29 03:44:51 ----A---- C:\windows\SYSWOW64\cdosys.dll
2014-10-29 03:44:44 ----A---- C:\windows\system32\cdosys.dll
2014-10-29 03:44:14 ----A---- C:\windows\system32\IKEEXT.DLL
2014-10-29 03:44:13 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2014-10-29 03:44:13 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2014-10-29 03:44:13 ----A---- C:\windows\system32\nshwfp.dll
2014-10-29 03:44:13 ----A---- C:\windows\system32\FWPUCLNT.DLL
2014-10-29 03:44:10 ----A---- C:\windows\system32\scavengeui.dll
2014-10-29 03:43:53 ----A---- C:\windows\system32\rpcrt4.dll
2014-10-29 03:43:52 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2014-10-28 23:55:10 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-10-28 22:49:53 ----A---- C:\windows\system32\javaws.exe
2014-10-28 22:49:45 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll
2014-10-28 22:49:45 ----A---- C:\windows\system32\javaw.exe
2014-10-28 22:49:45 ----A---- C:\windows\system32\java.exe
2014-10-28 22:17:31 ----D---- C:\Users\Lenovo\AppData\Roaming\TS3Client
2014-10-28 22:16:22 ----A---- C:\windows\system32\drivers\aswStm.sys
2014-10-28 22:16:21 ----A---- C:\windows\system32\drivers\aswVmm.sys
2014-10-28 22:16:21 ----A---- C:\windows\system32\drivers\aswSP.sys
2014-10-28 22:16:21 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2014-10-28 22:16:21 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2014-10-28 22:16:21 ----A---- C:\windows\system32\drivers\aswmonflt.sys
2014-10-28 22:16:21 ----A---- C:\windows\system32\drivers\aswHwid.sys
2014-10-28 22:16:20 ----A---- C:\windows\system32\drivers\aswsnx.sys
2014-10-28 22:16:09 ----A---- C:\windows\system32\aswBoot.exe
2014-10-28 22:16:07 ----A---- C:\windows\avastSS.scr
2014-10-28 22:10:22 ----A---- C:\windows\SYSWOW64\rdpcore.dll
2014-10-28 22:10:22 ----A---- C:\windows\system32\rdpcore.dll
2014-10-28 22:10:22 ----A---- C:\windows\system32\drivers\tdtcp.sys
2014-10-28 21:06:00 ----D---- C:\ProgramData\CyberLink
2014-10-28 20:28:47 ----D---- C:\Program Files (x86)\McAfee VirusScan Home Edition 7.02 Demo 30
2014-10-28 20:27:33 ----D---- C:\Users\Lenovo\AppData\Roaming\Macromedia
2014-10-28 20:27:33 ----D---- C:\Users\Lenovo\AppData\Roaming\Adobe
2014-10-28 20:18:32 ----D---- C:\windows\SYSWOW64\Macromed
2014-10-28 20:18:31 ----D---- C:\windows\system32\Macromed
2014-10-28 20:17:01 ----D---- C:\Program Files\Java
2014-10-28 20:09:17 ----D---- C:\ProgramData\Malwarebytes
2014-10-28 19:03:55 ----D---- C:\Users\Lenovo\AppData\Roaming\Mozilla
2014-10-28 19:03:45 ----D---- C:\ProgramData\Mozilla
2014-10-28 19:03:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-28 18:36:03 ----ASH---- C:\pagefile.sys
2014-10-28 18:35:55 ----SHD---- C:\System Volume Information
2014-10-28 18:35:47 ----ASH---- C:\hiberfil.sys
2014-10-28 17:53:59 ----D---- C:\Users\Lenovo\AppData\Roaming\AVAST Software
2014-10-28 17:47:18 ----D---- C:\Program Files\AVAST Software
2014-10-28 17:46:27 ----D---- C:\ProgramData\AVAST Software
2014-10-28 17:45:27 ----A---- C:\windows\system32\wups2.dll
2014-10-28 17:45:27 ----A---- C:\windows\system32\wucltux.dll
2014-10-28 17:45:27 ----A---- C:\windows\system32\wuaueng.dll
2014-10-28 17:45:27 ----A---- C:\windows\system32\wuauclt.exe
2014-10-28 17:45:17 ----A---- C:\windows\SYSWOW64\wups.dll
2014-10-28 17:45:17 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-10-28 17:45:17 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-10-28 17:45:17 ----A---- C:\windows\system32\wups.dll
2014-10-28 17:45:17 ----A---- C:\windows\system32\wudriver.dll
2014-10-28 17:45:17 ----A---- C:\windows\system32\wuapi.dll
2014-10-28 17:45:09 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-10-28 17:45:09 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-10-28 17:45:09 ----A---- C:\windows\system32\wuwebv.dll
2014-10-28 17:45:09 ----A---- C:\windows\system32\wuapp.exe
2014-10-28 17:43:07 ----D---- C:\Users\Lenovo\AppData\Roaming\Intel Corporation
2014-10-28 17:43:01 ----D---- C:\Users\Lenovo\AppData\Roaming\ATI
2014-10-28 17:42:22 ----D---- C:\Users\Lenovo\AppData\Roaming\Identities
2014-10-28 17:41:46 ----SD---- C:\Users\Lenovo\AppData\Roaming\Microsoft
2014-10-28 17:41:46 ----D---- C:\Users\Lenovo\AppData\Roaming\Media Center Programs
2014-10-28 17:40:07 ----D---- C:\Recovery

======List of files/folders modified in the last 1 month======

2014-11-01 22:21:47 ----D---- C:\windows\system32\config
2014-11-01 22:14:13 ----D---- C:\windows\System32
2014-11-01 22:14:13 ----D---- C:\windows\inf
2014-11-01 22:14:13 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-11-01 19:32:02 ----SHD---- C:\windows\Installer
2014-11-01 19:31:34 ----RD---- C:\Program Files (x86)
2014-11-01 19:31:17 ----D---- C:\Program Files (x86)\Google
2014-11-01 19:27:51 ----D---- C:\windows\Tasks
2014-11-01 19:27:51 ----D---- C:\windows\system32\Tasks
2014-11-01 19:10:17 ----D---- C:\windows\system32\drivers
2014-11-01 19:06:17 ----A---- C:\windows\SYSWOW64\log.txt
2014-11-01 19:04:57 ----D---- C:\Windows
2014-11-01 19:04:57 ----A---- C:\windows\system.ini
2014-11-01 19:04:50 ----D---- C:\windows\system32\drivers\etc
2014-11-01 19:02:36 ----D---- C:\windows\system32\wdi
2014-11-01 18:55:27 ----D---- C:\windows\SYSWOW64\drivers
2014-11-01 18:55:27 ----D---- C:\windows\SysWOW64
2014-11-01 18:55:27 ----D---- C:\windows\AppPatch
2014-11-01 18:55:25 ----D---- C:\Program Files (x86)\Common Files
2014-10-31 21:26:26 ----D---- C:\ProgramData\VeriFace
2014-10-31 20:51:15 ----D---- C:\windows\tracing
2014-10-31 16:35:43 ----D---- C:\windows\winsxs
2014-10-31 16:34:12 ----D---- C:\windows\SYSWOW64\sk-SK
2014-10-31 16:34:12 ----D---- C:\windows\SYSWOW64\en-US
2014-10-31 16:34:12 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-10-31 16:34:12 ----D---- C:\windows\system32\sk-SK
2014-10-31 16:34:12 ----D---- C:\windows\system32\en-US
2014-10-31 16:34:12 ----D---- C:\windows\system32\cs-CZ
2014-10-31 16:34:11 ----RSD---- C:\windows\Fonts
2014-10-31 14:51:00 ----D---- C:\windows\Microsoft.NET
2014-10-31 14:11:07 ----A---- C:\windows\win.ini
2014-10-31 14:10:32 ----D---- C:\windows\system32\catroot
2014-10-31 14:09:58 ----RSD---- C:\windows\assembly
2014-10-30 16:32:01 ----D---- C:\windows\system32\catroot2
2014-10-29 21:33:09 ----D---- C:\Program Files\Windows Media Player
2014-10-29 21:33:09 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-29 21:33:08 ----D---- C:\windows\ehome
2014-10-29 21:33:02 ----D---- C:\Program Files\Common Files\System
2014-10-29 21:33:00 ----D---- C:\Program Files\Internet Explorer
2014-10-29 21:33:00 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-29 21:32:57 ----D---- C:\windows\SYSWOW64\migration
2014-10-29 21:32:55 ----D---- C:\windows\system32\migration
2014-10-29 21:32:55 ----D---- C:\windows\PolicyDefinitions
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\zh-TW
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\zh-HK
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\zh-CN
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\tr-TR
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\sv-SE
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\ru-RU
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\pt-PT
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\pt-BR
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\pl-PL
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\nl-NL
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\nb-NO
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\ko-KR
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\ja-JP
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\it-IT
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\hu-HU
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\fr-FR
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\fi-FI
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\es-ES
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\el-GR
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\de-DE
2014-10-29 21:32:52 ----D---- C:\windows\SYSWOW64\da-DK
2014-10-29 21:32:51 ----D---- C:\windows\system32\zh-TW
2014-10-29 21:32:51 ----D---- C:\windows\system32\zh-HK
2014-10-29 21:32:51 ----D---- C:\windows\system32\zh-CN
2014-10-29 21:32:51 ----D---- C:\windows\system32\tr-TR
2014-10-29 21:32:51 ----D---- C:\windows\system32\sv-SE
2014-10-29 21:32:51 ----D---- C:\windows\system32\ru-RU
2014-10-29 21:32:51 ----D---- C:\windows\system32\pt-PT
2014-10-29 21:32:51 ----D---- C:\windows\system32\pt-BR
2014-10-29 21:32:51 ----D---- C:\windows\system32\pl-PL
2014-10-29 21:32:51 ----D---- C:\windows\system32\nl-NL
2014-10-29 21:32:51 ----D---- C:\windows\system32\nb-NO
2014-10-29 21:32:51 ----D---- C:\windows\system32\ko-KR
2014-10-29 21:32:51 ----D---- C:\windows\system32\ja-JP
2014-10-29 21:32:51 ----D---- C:\windows\system32\it-IT
2014-10-29 21:32:51 ----D---- C:\windows\system32\hu-HU
2014-10-29 21:32:51 ----D---- C:\windows\system32\fr-FR
2014-10-29 21:32:51 ----D---- C:\windows\system32\fi-FI
2014-10-29 21:32:51 ----D---- C:\windows\system32\es-ES
2014-10-29 21:32:51 ----D---- C:\windows\system32\el-GR
2014-10-29 21:32:51 ----D---- C:\windows\system32\de-DE
2014-10-29 21:32:51 ----D---- C:\windows\system32\da-DK
2014-10-29 21:32:49 ----D---- C:\Program Files\Windows Journal
2014-10-29 21:15:01 ----D---- C:\ProgramData
2014-10-29 20:43:14 ----SD---- C:\ProgramData\Microsoft
2014-10-29 20:34:46 ----D---- C:\windows\Logs
2014-10-29 20:02:31 ----D---- C:\windows\Prefetch
2014-10-29 19:55:02 ----D---- C:\windows\SYSWOW64\Dism
2014-10-29 19:54:59 ----D---- C:\windows\system32\Dism
2014-10-29 19:54:58 ----D---- C:\windows\system32\drivers\cs-CZ
2014-10-29 19:54:57 ----D---- C:\windows\system32\drivers\en-US
2014-10-29 19:54:49 ----D---- C:\Program Files\Windows Defender
2014-10-29 19:54:49 ----D---- C:\Program Files (x86)\Windows Defender
2014-10-29 19:54:44 ----D---- C:\windows\system32\wbem
2014-10-29 19:53:08 ----D---- C:\windows\system32\DriverStore
2014-10-29 16:37:04 ----RD---- C:\Program Files
2014-10-29 15:49:57 ----D---- C:\windows\debug
2014-10-29 13:33:14 ----D---- C:\Program Files (x86)\MSBuild
2014-10-29 13:33:09 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-29 13:32:56 ----D---- C:\windows\ShellNew
2014-10-29 13:32:01 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-29 11:12:57 ----D---- C:\Program Files\Google
2014-10-29 11:12:57 ----D---- C:\Program Files\Common Files
2014-10-29 11:09:57 ----D---- C:\Program Files\mcafee
2014-10-29 10:42:38 ----D---- C:\windows\SoftwareDistribution
2014-10-29 09:30:35 ----D---- C:\windows\rescache
2014-10-29 08:49:53 ----D---- C:\Program Files\Windows Sidebar
2014-10-29 08:49:53 ----D---- C:\Program Files\Windows Mail
2014-10-29 08:49:52 ----D---- C:\windows\SYSWOW64\migwiz
2014-10-29 08:49:52 ----D---- C:\windows\SYSWOW64\drivers\en-US
2014-10-29 08:49:52 ----D---- C:\Program Files\Windows Photo Viewer
2014-10-29 08:49:52 ----D---- C:\Program Files\DVD Maker
2014-10-29 08:49:49 ----D---- C:\windows\SYSWOW64\WCN
2014-10-29 08:49:49 ----D---- C:\windows\system32\migwiz
2014-10-29 08:49:49 ----D---- C:\windows\en-US
2014-10-29 08:49:48 ----D---- C:\windows\system32\WCN
2014-10-29 08:49:48 ----D---- C:\windows\Speech
2014-10-29 08:49:48 ----D---- C:\Program Files (x86)\Windows Sidebar
2014-10-29 08:49:48 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2014-10-29 08:49:48 ----D---- C:\Program Files (x86)\Windows Mail
2014-10-29 08:49:35 ----D---- C:\windows\servicing
2014-10-29 08:49:34 ----D---- C:\windows\SYSWOW64\winrm
2014-10-29 08:49:34 ----D---- C:\windows\SYSWOW64\slmgr
2014-10-29 08:49:34 ----D---- C:\windows\SYSWOW64\en
2014-10-29 08:49:33 ----D---- C:\windows\SYSWOW64\Printing_Admin_Scripts
2014-10-29 08:49:33 ----D---- C:\windows\SYSWOW64\DriverStore
2014-10-29 08:49:33 ----D---- C:\windows\system32\winrm
2014-10-29 08:49:33 ----D---- C:\windows\system32\sysprep
2014-10-29 08:49:33 ----D---- C:\windows\system32\slmgr
2014-10-29 08:49:33 ----D---- C:\windows\system32\oobe
2014-10-29 08:49:33 ----D---- C:\windows\system32\en
2014-10-29 08:49:33 ----D---- C:\windows\system32\Boot
2014-10-29 08:49:31 ----D---- C:\windows\system32\Printing_Admin_Scripts
2014-10-28 22:00:49 ----D---- C:\windows\system32\wfp
2014-10-28 21:59:12 ----RD---- C:\Users
2014-10-28 21:59:10 ----D---- C:\windows\SYSWOW64\wbem
2014-10-28 21:59:09 ----RSD---- C:\windows\Media
2014-10-28 21:59:09 ----D---- C:\windows\IME
2014-10-28 21:59:09 ----D---- C:\windows\Cursors
2014-10-28 21:59:09 ----D---- C:\windows\cs-CZ
2014-10-28 21:59:09 ----D---- C:\Program Files (x86)\BisonCam
2014-10-28 21:58:43 ----D---- C:\windows\SYSWOW64\Speech
2014-10-28 21:58:40 ----D---- C:\windows\system32\spp
2014-10-28 21:58:39 ----D---- C:\windows\system32\restore
2014-10-28 21:58:36 ----D---- C:\windows\system32\CodeIntegrity
2014-10-28 21:58:30 ----D---- C:\windows\Resources
2014-10-28 21:58:28 ----D---- C:\windows\Branding
2014-10-28 21:58:27 ----D---- C:\windows\AppCompat
2014-10-28 21:58:21 ----D---- C:\Program Files (x86)\Windows Live
2014-10-28 21:58:21 ----D---- C:\Program Files (x86)\USB Camera2
2014-10-28 21:57:23 ----D---- C:\windows\registration
2014-10-28 18:48:37 ----D---- C:\windows\system32\LogFiles
2014-10-28 18:36:30 ----D---- C:\windows\Panther
2014-10-28 06:34:58 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-10-28 65776]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-10-28 267632]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2012-01-06 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2012-01-06 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-10-28 93568]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-10-31 1050432]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-10-28 436624]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2012-01-06 13408]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-10-28 29208]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-10-31 83280]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-10-28 116728]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2012-01-06 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-11-02 9319424]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-11-02 303616]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-10-28 4716608]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-09-29 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2011-03-10 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 vm2uvcflt;Vimicro USB Camera Filter 2; C:\windows\System32\Drivers\vm2uvcflt.sys [2010-09-21 15056]
R3 vm332avs;Lenovo Camera2; C:\windows\System32\Drivers\vm332avs.sys [2010-12-10 234960]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\xyz.exe30263x\catchme.sys []
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-11-02 203264]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-10-28 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-01 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-10-29 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-31 114288]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-10-29 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#26 Příspěvek od **Márty84** » 02 lis 2014 15:35

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

Dubinek · #27 Příspěvek od **Dubinek** » 02 lis 2014 17:33

OTL logfile created on: 2.11.2014 16:14:49 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lenovo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17358)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,95 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 63,16% Memory free
7,89 Gb Paging File | 5,91 Gb Available in Paging File | 74,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 421,81 Gb Total Space | 131,72 Gb Free Space | 31,23% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 25,76 Gb Free Space | 88,85% Space Free | Partition Type: NTFS

Computer Name: LENOVO-PC | User Name: Lenovo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.11.02 16:00:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
PRC - [2014.10.31 16:37:44 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.10.28 22:16:06 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.05.10 04:48:09 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.18 09:20:54 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.12.21 03:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 03:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

========== Modules (No Company Name) ==========

MOD - [2014.10.31 16:37:42 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.07.10 18:07:22 | 000,756,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL

========== Services (SafeList) ==========

SRV:64bit: - [2014.10.29 20:26:04 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.10.28 22:16:06 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011.11.02 04:01:19 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.14 19:04:56 | 000,953,632 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014.10.31 16:37:43 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.02.18 09:20:54 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.12.21 03:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 03:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.10.31 20:55:14 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014.10.31 20:55:14 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswmonflt.sys -- (aswMonFlt)
DRV:64bit: - [2014.10.28 22:16:08 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014.10.28 22:16:08 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014.10.28 22:16:08 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014.10.28 22:16:08 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014.10.28 22:16:07 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014.10.28 22:16:07 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.06 23:34:35 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2012.01.06 23:34:32 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2012.01.06 23:31:51 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:64bit: - [2012.01.06 23:31:51 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:64bit: - [2011.11.02 05:53:45 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.02 03:24:06 | 000,303,616 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.09.29 04:23:24 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.09.29 04:23:24 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.04.08 02:59:58 | 001,430,576 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.26 00:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.03.25 11:17:48 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.10 10:01:00 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.02.18 09:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.01.29 00:29:58 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.12.15 04:13:32 | 000,349,224 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2010.12.15 04:13:10 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.12.15 04:13:10 | 000,021,416 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.12.15 04:13:08 | 000,138,280 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.12.15 04:13:08 | 000,106,536 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.12.10 20:43:40 | 000,234,960 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.28 11:16:24 | 004,716,608 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.10.21 07:57:30 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.30 09:45:22 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010.09.21 23:04:54 | 000,015,056 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm2uvcflt.sys -- (vm2uvcflt)
DRV:64bit: - [2009.07.21 15:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/redirectdomain ... &bmod=LENN
IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7LENN
IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?btnG=Google+Search&q="
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: true
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnG=Google+Search&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.10.28 22:16:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.10.28 19:04:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Extensions
[2014.10.28 19:07:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdcbllr4.default\extensions
[2014.11.02 11:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default\extensions
[2014.11.02 11:15:38 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default\extensions\foxyproxy@eric.h.jung
[2014.10.28 19:07:01 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\qdcbllr4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.10.29 01:39:33 | 000,979,610 | ---- | M] () (No name found) -- C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zvsu016g.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.10.28 22:19:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.10.31 16:37:47 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2204.148_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014.11.01 19:04:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (CyberLink)
O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-2172694318-107010662-708045567-1000..\Run: [RESTART_STICKY_NOTES] C:\windows\system32\StikyNot.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2172694318-107010662-708045567-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2172694318-107010662-708045567-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 84.21.109.1 84.16.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2540BD60-F296-443D-A96A-84E226ED8FB0}: DhcpNameServer = 84.21.109.1 84.16.96.2
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.clmp3enc - C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.11.02 16:00:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
[2014.11.02 09:32:48 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Taháky
[2014.11.01 19:48:47 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Virycz,kauza chrome
[2014.11.01 19:31:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.11.01 19:04:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.11.01 11:19:10 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014.11.01 11:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2014.10.31 21:49:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2014.10.31 21:49:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2014.10.31 21:49:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2014.10.31 21:49:29 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.10.31 21:49:09 | 000,000,000 | ---D | C] -- C:\windows\erdnt
[2014.10.31 18:29:13 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\AppData\Local\EmieUserList
[2014.10.31 18:29:13 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\AppData\Local\EmieSiteList
[2014.10.31 17:03:35 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.10.31 17:03:12 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014.10.31 17:03:12 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014.10.31 17:03:12 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014.10.31 16:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014.10.31 14:19:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014.10.31 14:10:29 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msmpeg2vdec.dll
[2014.10.31 14:10:28 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msmpeg2vdec.dll
[2014.10.30 16:40:41 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMPhoto.dll
[2014.10.30 16:40:40 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10warp.dll
[2014.10.30 16:40:40 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMPhoto.dll
[2014.10.30 16:40:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDYAK.DLL
[2014.10.30 16:40:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDTAT.DLL
[2014.10.30 16:40:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDTAT.DLL
[2014.10.30 16:40:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU1.DLL
[2014.10.30 16:40:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDRU.DLL
[2014.10.30 16:40:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\KBDBASH.DLL
[2014.10.30 16:40:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDYAK.DLL
[2014.10.30 16:40:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU1.DLL
[2014.10.30 16:40:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDBASH.DLL
[2014.10.30 16:40:35 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KBDRU.DLL
[2014.10.30 16:40:34 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014.10.30 16:40:32 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d2d1.dll
[2014.10.30 16:36:51 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecs.dll
[2014.10.30 16:36:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2014.10.29 23:04:54 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\účesy
[2014.10.29 21:15:01 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2014.10.29 20:51:23 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmploc.DLL
[2014.10.29 20:51:22 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmploc.DLL
[2014.10.29 20:51:22 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wmp.dll
[2014.10.29 20:51:20 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wmp.dll
[2014.10.29 20:43:14 | 000,000,000 | ---D | C] -- C:\windows\Migration
[2014.10.29 20:34:46 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEUDINIT.EXE
[2014.10.29 20:26:14 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2014.10.29 20:26:08 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2014.10.29 20:26:08 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.10.29 20:26:08 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2014.10.29 20:26:08 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.10.29 20:26:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2014.10.29 20:26:08 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2014.10.29 20:26:08 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.29 20:26:07 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.10.29 20:26:07 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.10.29 20:26:07 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.10.29 20:26:07 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2014.10.29 20:26:07 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014.10.29 20:26:07 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2014.10.29 20:26:07 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2014.10.29 20:26:07 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2014.10.29 20:26:07 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2014.10.29 20:26:07 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2014.10.29 20:26:07 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2014.10.29 20:26:07 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.10.29 20:26:07 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2014.10.29 20:26:07 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2014.10.29 20:26:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.10.29 20:26:07 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2014.10.29 20:26:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014.10.29 20:26:07 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.10.29 20:26:07 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2014.10.29 20:26:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.10.29 20:26:07 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.10.29 20:26:07 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2014.10.29 20:26:07 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2014.10.29 20:26:06 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2014.10.29 20:26:06 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.10.29 20:26:06 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2014.10.29 20:26:06 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2014.10.29 20:26:06 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014.10.29 20:26:06 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2014.10.29 20:26:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2014.10.29 20:26:05 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.10.29 20:26:05 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.10.29 20:26:05 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.10.29 20:26:05 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.10.29 20:26:05 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.10.29 20:26:05 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.10.29 20:26:05 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.10.29 20:26:05 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2014.10.29 20:26:05 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.10.29 20:26:05 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.10.29 20:26:05 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.10.29 20:26:05 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2014.10.29 20:26:05 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.10.29 20:26:05 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2014.10.29 20:26:05 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.10.29 20:26:05 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2014.10.29 20:26:05 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2014.10.29 20:26:05 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2014.10.29 20:26:05 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014.10.29 20:26:05 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2014.10.29 20:26:05 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2014.10.29 20:26:05 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.10.29 20:26:05 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2014.10.29 20:26:05 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2014.10.29 20:26:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.10.29 20:26:05 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.10.29 20:26:05 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2014.10.29 20:26:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.10.29 20:26:05 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2014.10.29 20:26:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2014.10.29 20:26:04 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014.10.29 20:26:04 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2014.10.29 20:26:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.10.29 20:26:04 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2014.10.29 20:26:04 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.10.29 20:26:04 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014.10.29 20:26:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2014.10.29 20:26:04 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.10.29 20:26:04 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2014.10.29 20:26:04 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2014.10.29 20:26:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.10.29 20:23:29 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2014.10.29 20:23:29 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2014.10.29 20:23:29 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2014.10.29 20:23:29 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2014.10.29 20:23:29 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2014.10.29 20:23:29 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014.10.29 20:23:29 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014.10.29 20:23:29 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014.10.29 20:23:29 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014.10.29 20:23:28 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2014.10.29 20:23:28 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2014.10.29 20:23:28 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2014.10.29 20:23:28 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2014.10.29 20:23:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2014.10.29 20:23:28 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2014.10.29 20:23:28 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2014.10.29 20:23:28 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2014.10.29 20:23:28 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2014.10.29 19:54:42 | 000,000,000 | --SD | C] -- C:\windows\SysNative\CompatTel
[2014.10.29 19:54:42 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2014.10.29 19:54:42 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2014.10.29 18:22:12 | 000,000,000 | ---D | C] -- C:\d41a19c517de77a45e999255b4
[2014.10.29 17:29:35 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browserchoice.exe
[2014.10.29 17:13:13 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Skype
[2014.10.29 17:12:52 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Skype
[2014.10.29 17:12:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014.10.29 17:11:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.10.29 17:11:46 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014.10.29 17:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014.10.29 16:50:11 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFPlatform.dll
[2014.10.29 16:50:09 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFHost.exe
[2014.10.29 16:50:09 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFCoinstaller.dll
[2014.10.29 16:50:08 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WUDFx.dll
[2014.10.29 16:38:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014.10.29 16:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014.10.29 16:37:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014.10.29 16:02:40 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fs_rec.sys
[2014.10.29 15:57:20 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2014.10.29 15:49:57 | 000,000,000 | ---D | C] -- C:\windows\SysNative\MRT
[2014.10.29 15:47:23 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\infocardapi.dll
[2014.10.29 15:47:23 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\infocardapi.dll
[2014.10.29 15:47:22 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardagt.exe
[2014.10.29 15:47:22 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardagt.exe
[2014.10.29 15:47:20 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardres.dll
[2014.10.29 15:47:20 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardres.dll
[2014.10.29 15:46:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TsWpfWrp.exe
[2014.10.29 15:46:47 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TsWpfWrp.exe
[2014.10.29 13:34:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2014.10.29 13:33:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2014.10.29 13:32:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2014.10.29 13:31:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014.10.29 13:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014.10.29 13:30:11 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Microsoft Help
[2014.10.29 13:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014.10.29 13:29:33 | 000,000,000 | R--D | C] -- C:\MSOCache
[2014.10.29 12:38:04 | 000,000,000 | ---D | C] -- C:\windows\Temp
[2014.10.29 12:38:04 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Temp
[2014.10.29 11:29:37 | 000,000,000 | ---D | C] -- C:\windows\ERUNT
[2014.10.29 11:17:49 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.10.29 11:08:11 | 000,000,000 | --SD | C] -- C:\windows\SysWow64\Microsoft
[2014.10.29 10:51:58 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.10.29 10:51:58 | 000,000,000 | ---D | C] -- C:\rsit
[2014.10.29 10:45:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2014.10.29 10:41:27 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Pokki
[2014.10.29 10:39:54 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Documents\Freemake
[2014.10.29 10:39:53 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2014.10.29 10:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2014.10.29 10:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2014.10.29 10:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2014.10.29 10:26:25 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\záložky
[2014.10.29 10:25:49 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\product key for microsoft and office
[2014.10.29 09:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014.10.29 09:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014.10.29 09:46:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014.10.29 09:36:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2014.10.29 09:36:52 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014.10.29 08:57:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\ElevatedDiagnostics
[2014.10.29 08:49:33 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\drivers\sk-SK
[2014.10.29 08:49:33 | 000,000,000 | ---D | C] -- C:\windows\sk-SK
[2014.10.29 08:49:31 | 000,000,000 | ---D | C] -- C:\windows\SysNative\drivers\sk-SK
[2014.10.29 08:43:41 | 000,000,000 | ---D | C] -- C:\windows\pss
[2014.10.29 04:23:40 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\poqexec.exe
[2014.10.29 04:23:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\poqexec.exe
[2014.10.29 04:22:46 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Škola
[2014.10.29 04:22:45 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\čj lit
[2014.10.29 04:16:54 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msieftp.dll
[2014.10.29 04:16:54 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msieftp.dll
[2014.10.29 04:16:53 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[2014.10.29 04:16:52 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\comctl32.dll
[2014.10.29 04:16:47 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Srandičky
[2014.10.29 04:16:37 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Sešity
[2014.10.29 04:16:36 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Pravé Vzdělání
[2014.10.29 04:16:36 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Poesy
[2014.10.29 04:16:36 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Podpisy
[2014.10.29 04:16:32 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcore6.dll
[2014.10.29 04:16:32 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dhcpcore6.dll
[2014.10.29 04:16:32 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dhcpcsvc6.dll
[2014.10.29 04:16:17 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Obrázky
[2014.10.29 04:15:23 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wintrust.dll
[2014.10.29 04:13:38 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\quartz.dll
[2014.10.29 04:13:38 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\quartz.dll
[2014.10.29 04:13:32 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntshrui.dll
[2014.10.29 04:11:58 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2014.10.29 04:11:47 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\webio.dll
[2014.10.29 04:11:47 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\webio.dll
[2014.10.29 04:11:38 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\TSWorkspace.dll
[2014.10.29 04:11:37 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\TSWorkspace.dll
[2014.10.29 04:10:14 | 001,131,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dfshim.dll
[2014.10.29 04:10:14 | 000,156,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscorier.dll
[2014.10.29 04:10:14 | 000,156,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscorier.dll
[2014.10.29 04:10:13 | 001,943,696 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dfshim.dll
[2014.10.29 04:10:13 | 000,081,560 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mscories.dll
[2014.10.29 04:10:13 | 000,073,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mscories.dll
[2014.10.29 04:10:03 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\crypt32.dll
[2014.10.29 04:10:02 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Desktop\Nepoužívané programy
[2014.10.29 04:10:02 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\na památku
[2014.10.29 04:10:02 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Matika
[2014.10.29 04:10:01 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Koníčky
[2014.10.29 04:10:00 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\jl.tak
[2014.10.29 04:10:00 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Inspiration
[2014.10.29 04:09:58 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptnet.dll
[2014.10.29 04:09:33 | 000,484,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wer.dll
[2014.10.29 04:09:33 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wer.dll
[2014.10.29 04:09:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imagehlp.dll
[2014.10.29 04:09:27 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2014.10.29 04:09:27 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2014.10.29 04:08:45 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\timedate.cpl
[2014.10.29 04:08:45 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\timedate.cpl
[2014.10.29 04:08:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2014.10.29 04:08:41 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2014.10.29 04:08:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2014.10.29 04:08:40 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2014.10.29 04:07:06 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\portcls.sys
[2014.10.29 04:07:06 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\drmk.sys
[2014.10.29 04:06:58 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\osk.exe
[2014.10.29 04:06:58 | 000,646,144 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\osk.exe
[2014.10.29 04:06:38 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\ataport.sys
[2014.10.29 04:06:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\credui.dll
[2014.10.29 04:06:20 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SmartcardCredentialProvider.dll
[2014.10.29 04:06:20 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SmartcardCredentialProvider.dll
[2014.10.29 04:05:58 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysNative\atmfd.dll
[2014.10.29 04:05:57 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\atmfd.dll
[2014.10.29 04:05:57 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\windows\SysNative\atmlib.dll
[2014.10.29 04:05:57 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lpk.dll
[2014.10.29 04:05:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\windows\SysWow64\atmlib.dll
[2014.10.29 04:05:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dciman32.dll
[2014.10.29 04:05:56 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\fontsub.dll
[2014.10.29 04:05:56 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\fontsub.dll
[2014.10.29 04:05:53 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_isv.exe
[2014.10.29 04:05:53 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate.exe
[2014.10.29 04:05:52 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_isv.exe
[2014.10.29 04:05:50 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate.exe
[2014.10.29 04:05:48 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp.exe
[2014.10.29 04:05:48 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RMActivate_ssp_isv.exe
[2014.10.29 04:05:48 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp.exe
[2014.10.29 04:05:48 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RMActivate_ssp_isv.exe
[2014.10.29 04:05:48 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_isv.dll
[2014.10.29 04:05:48 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_isv.dll
[2014.10.29 04:05:47 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msdrm.dll
[2014.10.29 04:05:47 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc.dll
[2014.10.29 04:05:47 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc.dll
[2014.10.29 04:05:46 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp_isv.dll
[2014.10.29 04:05:46 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secproc_ssp.dll
[2014.10.29 04:05:46 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp_isv.dll
[2014.10.29 04:05:46 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\secproc_ssp.dll
[2014.10.29 04:05:19 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2014.10.29 04:05:19 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2014.10.29 04:05:15 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3d11.dll
[2014.10.29 04:05:14 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3d11.dll
[2014.10.29 04:05:11 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\RNDISMP.sys
[2014.10.29 04:05:02 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qedit.dll
[2014.10.29 04:05:01 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qedit.dll
[2014.10.29 04:04:37 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\WMVDECOD.DLL
[2014.10.29 04:04:36 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\WMVDECOD.DLL
[2014.10.29 04:04:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2014.10.29 04:04:20 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\WdfLdr.sys
[2014.10.29 04:04:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wdfres.dll

Dubinek · #28 Příspěvek od **Dubinek** » 02 lis 2014 17:35

[2014.10.29 04:04:06 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncsi.dll
[2014.10.29 04:04:06 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ncsi.dll
[2014.10.29 04:04:05 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netcorehc.dll
[2014.10.29 04:04:05 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netcorehc.dll
[2014.10.29 04:04:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\netevent.dll
[2014.10.29 04:04:03 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netevent.dll
[2014.10.29 04:03:34 | 000,507,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014.10.29 04:03:34 | 000,276,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014.10.29 04:03:33 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014.10.29 04:03:32 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidclass.sys
[2014.10.29 04:03:32 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\hidparse.sys
[2014.10.29 04:02:09 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\davclnt.dll
[2014.10.29 04:02:07 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpnet.dll
[2014.10.29 04:02:07 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpnet.dll
[2014.10.29 04:01:23 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe
[2014.10.29 04:01:19 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe
[2014.10.29 04:01:18 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe
[2014.10.29 04:01:17 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\objsel.dll
[2014.10.29 04:01:17 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll
[2014.10.29 04:01:15 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\objsel.dll
[2014.10.29 04:01:13 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\smss.exe
[2014.10.29 04:01:13 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cngprovider.dll
[2014.10.29 04:01:13 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\adprovider.dll
[2014.10.29 04:01:13 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\adprovider.dll
[2014.10.29 04:01:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dimsroam.dll
[2014.10.29 04:01:13 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dimsroam.dll
[2014.10.29 04:01:12 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\capiprovider.dll
[2014.10.29 04:01:12 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dpapiprovider.dll
[2014.10.29 04:01:12 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cngprovider.dll
[2014.10.29 04:01:12 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\capiprovider.dll
[2014.10.29 04:01:12 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\dpapiprovider.dll
[2014.10.29 04:01:11 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2014.10.29 04:01:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wincredprovider.dll
[2014.10.29 04:01:11 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wincredprovider.dll
[2014.10.29 04:01:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\apisetschema.dll
[2014.10.29 04:01:01 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\apisetschema.dll
[2014.10.29 04:00:11 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\OxpsConverter.exe
[2014.10.29 03:59:16 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\qdvd.dll
[2014.10.29 03:59:16 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\qdvd.dll
[2014.10.29 03:59:15 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2014.10.29 03:59:15 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2014.10.29 03:58:59 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs
[2014.10.29 03:58:58 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs
[2014.10.29 03:58:58 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs
[2014.10.29 03:58:58 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs
[2014.10.29 03:58:58 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs
[2014.10.29 03:58:58 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs
[2014.10.29 03:58:58 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs
[2014.10.29 03:58:58 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs
[2014.10.29 03:58:58 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs
[2014.10.29 03:58:58 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs
[2014.10.29 03:58:57 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll
[2014.10.29 03:58:57 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs
[2014.10.29 03:58:57 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs
[2014.10.29 03:58:57 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs
[2014.10.29 03:58:57 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs
[2014.10.29 03:58:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs
[2014.10.29 03:58:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs
[2014.10.29 03:58:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs
[2014.10.29 03:58:57 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs
[2014.10.29 03:58:57 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs
[2014.10.29 03:58:57 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs
[2014.10.29 03:58:56 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll
[2014.10.29 03:58:55 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll
[2014.10.29 03:58:55 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll
[2014.10.29 03:58:43 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs
[2014.10.29 03:58:42 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs
[2014.10.29 03:58:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs
[2014.10.29 03:58:41 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs
[2014.10.29 03:58:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs
[2014.10.29 03:58:41 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs
[2014.10.29 03:58:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs
[2014.10.29 03:58:41 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs
[2014.10.29 03:56:24 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntdll.dll
[2014.10.29 03:56:24 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\advapi32.dll
[2014.10.29 03:56:22 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdh.dll
[2014.10.29 03:56:22 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdh.dll
[2014.10.29 03:54:45 | 003,241,472 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msi.dll
[2014.10.29 03:54:37 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2014.10.29 03:54:36 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2014.10.29 03:54:36 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msihnd.dll
[2014.10.29 03:54:36 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msihnd.dll
[2014.10.29 03:54:36 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2014.10.29 03:54:06 | 000,190,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\storport.sys
[2014.10.29 03:54:06 | 000,027,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\Diskdump.sys
[2014.10.29 03:54:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iologmsg.dll
[2014.10.29 03:54:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iologmsg.dll
[2014.10.29 03:53:18 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\synceng.dll
[2014.10.29 03:53:18 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\synceng.dll
[2014.10.29 03:53:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2014.10.29 03:52:31 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rastls.dll
[2014.10.29 03:52:30 | 000,372,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rastls.dll
[2014.10.29 03:51:53 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2014.10.29 03:51:53 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2014.10.29 03:51:52 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe
[2014.10.29 03:51:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cryptdlg.dll
[2014.10.29 03:51:32 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cryptdlg.dll
[2014.10.29 03:51:11 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\hudba
[2014.10.29 03:50:30 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014.10.29 03:50:30 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014.10.29 03:50:22 | 003,221,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstscax.dll
[2014.10.29 03:50:21 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\lsasrv.dll
[2014.10.29 03:50:20 | 003,722,240 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstscax.dll
[2014.10.29 03:50:20 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winlogon.exe
[2014.10.29 03:50:16 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll
[2014.10.29 03:50:15 | 001,118,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mstsc.exe
[2014.10.29 03:50:12 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mstsc.exe
[2014.10.29 03:50:04 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsta.dll
[2014.10.29 03:50:00 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorekmts.dll
[2014.10.29 03:50:00 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdrmemptylst.exe
[2014.10.29 03:49:59 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\aaclient.dll
[2014.10.29 03:49:58 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpwsx.dll
[2014.10.29 03:49:57 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aaclient.dll
[2014.10.29 03:49:57 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tsgqec.dll
[2014.10.29 03:49:57 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tsgqec.dll
[2014.10.29 03:48:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2014.10.29 03:48:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2014.10.29 03:48:46 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2014.10.29 03:48:43 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll
[2014.10.29 03:48:41 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll
[2014.10.29 03:48:41 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll
[2014.10.29 03:48:40 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe
[2014.10.29 03:48:40 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll
[2014.10.29 03:48:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe
[2014.10.29 03:48:40 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll
[2014.10.29 03:48:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll
[2014.10.29 03:48:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll
[2014.10.29 03:48:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe
[2014.10.29 03:48:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll
[2014.10.29 03:48:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2014.10.29 03:48:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2014.10.29 03:48:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2014.10.29 03:48:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2014.10.29 03:48:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.29 03:48:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.10.29 03:48:37 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2014.10.29 03:48:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2014.10.29 03:48:37 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2014.10.29 03:48:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2014.10.29 03:48:37 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2014.10.29 03:48:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2014.10.29 03:48:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2014.10.29 03:48:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2014.10.29 03:48:37 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2014.10.29 03:48:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2014.10.29 03:48:35 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2014.10.29 03:48:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2014.10.29 03:48:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2014.10.29 03:48:33 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2014.10.29 03:48:32 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2014.10.29 03:48:32 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2014.10.29 03:48:32 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2014.10.29 03:48:32 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2014.10.29 03:48:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2014.10.29 03:48:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2014.10.29 03:48:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2014.10.29 03:48:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2014.10.29 03:48:32 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2014.10.29 03:48:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2014.10.29 03:48:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2014.10.29 03:48:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2014.10.29 03:48:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe
[2014.10.29 03:48:23 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\srcore.dll
[2014.10.29 03:48:21 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msvcrt.dll
[2014.10.29 03:48:09 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certutil.exe
[2014.10.29 03:48:09 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certutil.exe
[2014.10.29 03:48:05 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\certenc.dll
[2014.10.29 03:48:05 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\certenc.dll
[2014.10.29 03:47:13 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wshom.ocx
[2014.10.29 03:47:13 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wshom.ocx
[2014.10.29 03:47:12 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cscript.exe
[2014.10.29 03:47:11 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scrrun.dll
[2014.10.29 03:47:08 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\scrrun.dll
[2014.10.29 03:47:06 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cscript.exe
[2014.10.29 03:46:46 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspicli.dll
[2014.10.29 03:46:45 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\secur32.dll
[2014.10.29 03:46:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\sspisrv.dll
[2014.10.29 03:45:57 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\packager.dll
[2014.10.29 03:45:56 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\packager.dll
[2014.10.29 03:45:50 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2014.10.29 03:45:42 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gdi32.dll
[2014.10.29 03:45:36 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2014.10.29 03:45:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2014.10.29 03:44:51 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\cdosys.dll
[2014.10.29 03:44:44 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdosys.dll
[2014.10.29 03:44:13 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\nshwfp.dll
[2014.10.29 03:44:13 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\nshwfp.dll
[2014.10.29 03:44:13 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\FWPUCLNT.DLL
[2014.10.29 03:44:13 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\FWPUCLNT.DLL
[2014.10.29 03:44:10 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\scavengeui.dll
[2014.10.29 03:43:53 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rpcrt4.dll
[2014.10.29 03:20:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\HRY
[2014.10.29 02:59:23 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Fotky
[2014.10.29 02:13:51 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Desktop\Filmy
[2014.10.29 02:13:51 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Dj-studuj
[2014.10.29 02:13:51 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Dějepis st
[2014.10.29 02:13:51 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Dejepis
[2014.10.29 02:12:57 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\bordel
[2014.10.29 02:12:56 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Nová složka
[2014.10.29 02:12:56 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\2014-10-22
[2014.10.29 00:05:47 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Diagnostics
[2014.10.28 23:55:10 | 000,701,104 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014.10.28 23:55:10 | 000,071,344 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.10.28 23:54:31 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Adobe
[2014.10.28 22:49:53 | 000,319,912 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2014.10.28 22:49:45 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2014.10.28 22:49:45 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2014.10.28 22:49:45 | 000,111,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2014.10.28 22:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014.10.28 22:17:31 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\TS3Client
[2014.10.28 22:16:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014.10.28 22:16:34 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2014.10.28 22:16:33 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\TeamSpeak 3 Client
[2014.10.28 22:16:22 | 000,116,728 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswStm.sys
[2014.10.28 22:16:21 | 000,436,624 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2014.10.28 22:16:21 | 000,093,568 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014.10.28 22:16:21 | 000,083,280 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswmonflt.sys
[2014.10.28 22:16:20 | 001,050,432 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
[2014.10.28 22:16:09 | 000,364,512 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014.10.28 22:16:07 | 000,043,152 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2014.10.28 22:10:22 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcore.dll
[2014.10.28 22:10:22 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\rdpcore.dll
[2014.10.28 21:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2014.10.28 20:28:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee VirusScan Home Edition 7.02 Demo 30
[2014.10.28 20:27:33 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Macromedia
[2014.10.28 20:27:33 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Macromedia
[2014.10.28 20:27:33 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Adobe
[2014.10.28 20:18:32 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Macromed
[2014.10.28 20:18:31 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Macromed
[2014.10.28 20:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2014.10.28 20:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.10.28 20:08:38 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Programs
[2014.10.28 19:03:55 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Mozilla
[2014.10.28 19:03:55 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Mozilla
[2014.10.28 19:03:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.10.28 19:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.10.28 18:35:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014.10.28 18:10:54 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Desktop\Co udělat
[2014.10.28 17:53:59 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\AVAST Software
[2014.10.28 17:47:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014.10.28 17:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014.10.28 17:45:27 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014.10.28 17:45:27 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014.10.28 17:45:27 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014.10.28 17:45:17 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2014.10.28 17:45:17 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2014.10.28 17:45:17 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2014.10.28 17:45:17 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2014.10.28 17:45:17 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2014.10.28 17:45:17 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2014.10.28 17:45:09 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014.10.28 17:45:09 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2014.10.28 17:45:09 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014.10.28 17:45:09 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2014.10.28 17:44:34 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Google
[2014.10.28 17:43:07 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Intel Corporation
[2014.10.28 17:43:01 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\ATI
[2014.10.28 17:43:01 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\ATI
[2014.10.28 17:43:00 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Broadcom
[2014.10.28 17:43:00 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\Documents\Bluetooth Exchange Folder
[2014.10.28 17:42:36 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.10.28 17:42:36 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Searches
[2014.10.28 17:42:36 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.10.28 17:42:22 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Identities
[2014.10.28 17:42:13 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Contacts
[2014.10.28 17:42:10 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\VirtualStore
[2014.10.28 17:41:46 | 000,000,000 | --SD | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Videos
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Saved Games
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Pictures
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Music
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Links
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Favorites
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Downloads
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Documents
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\Desktop
[2014.10.28 17:41:46 | 000,000,000 | R--D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\AppData\Local\Temporary Internet Files
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Šablony
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Soubory cookie
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\SendTo
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Poslední
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Okolní tiskárny
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Okolní síť
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Documents\Obrázky
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Nabídka Start
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Local Settings
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Documents\Hudba
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\AppData\Local\History
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Documents\Filmy
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Dokumenty
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\Data aplikací
[2014.10.28 17:41:46 | 000,000,000 | -HSD | C] -- C:\Users\Lenovo\AppData\Local\Data aplikací
[2014.10.28 17:41:46 | 000,000,000 | -H-D | C] -- C:\Users\Lenovo\AppData
[2014.10.28 17:41:46 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Microsoft
[2014.10.28 17:41:46 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Media Center Programs
[2014.10.28 17:41:46 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
[2014.10.28 17:40:07 | 000,000,000 | ---D | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2014.11.02 16:16:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.11.02 16:00:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lenovo\Desktop\OTL.exe
[2014.11.02 15:52:24 | 001,583,226 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014.11.02 15:52:24 | 000,668,792 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014.11.02 15:52:24 | 000,654,140 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014.11.02 15:52:24 | 000,141,420 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014.11.02 15:52:24 | 000,122,012 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014.11.02 15:52:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014.11.02 15:36:38 | 000,000,952 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.01 22:29:10 | 000,000,948 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.01 19:31:30 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.01 19:11:30 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.11.01 19:11:30 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.11.01 19:04:50 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2014.11.01 19:04:38 | 000,540,171 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2014.11.01 19:03:16 | 3177,074,688 | -HS- | M] () -- C:\hiberfil.sys
[2014.11.01 18:12:52 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.11.01 11:49:24 | 000,000,987 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.11.01 11:19:10 | 000,001,264 | ---- | M] () -- C:\Users\Lenovo\Desktop\Revo Uninstaller.lnk
[2014.10.31 20:55:14 | 001,050,432 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswsnx.sys
[2014.10.31 20:55:14 | 000,083,280 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswmonflt.sys
[2014.10.31 20:51:49 | 000,410,552 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014.10.31 18:04:56 | 000,021,372 | ---- | M] () -- C:\Users\Lenovo\Desktop\spawn minecraft-plech.png
[2014.10.31 14:22:02 | 001,558,148 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014.10.29 20:26:14 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2014.10.29 20:26:08 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jsIntl.dll
[2014.10.29 20:26:08 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.10.29 20:26:08 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2014.10.29 20:26:08 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2014.10.29 20:26:08 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.10.29 20:26:08 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2014.10.29 20:26:08 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2014.10.29 20:26:08 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.10.29 20:26:07 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.10.29 20:26:07 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.10.29 20:26:07 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.10.29 20:26:07 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2014.10.29 20:26:07 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2014.10.29 20:26:07 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2014.10.29 20:26:07 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2014.10.29 20:26:07 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2014.10.29 20:26:07 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2014.10.29 20:26:07 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2014.10.29 20:26:07 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.10.29 20:26:07 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2014.10.29 20:26:07 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2014.10.29 20:26:07 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.10.29 20:26:07 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2014.10.29 20:26:07 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\MshtmlDac.dll
[2014.10.29 20:26:07 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.10.29 20:26:07 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2014.10.29 20:26:07 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.10.29 20:26:07 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.10.29 20:26:07 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2014.10.29 20:26:07 | 000,016,284 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2014.10.29 20:26:07 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2014.10.29 20:26:06 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jsIntl.dll
[2014.10.29 20:26:06 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.10.29 20:26:06 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2014.10.29 20:26:06 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2014.10.29 20:26:06 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2014.10.29 20:26:06 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2014.10.29 20:26:06 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2014.10.29 20:26:05 | 005,829,632 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.10.29 20:26:05 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.10.29 20:26:05 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.10.29 20:26:05 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.10.29 20:26:05 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.10.29 20:26:05 | 000,731,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.10.29 20:26:05 | 000,710,656 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.10.29 20:26:05 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2014.10.29 20:26:05 | 000,595,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.10.29 20:26:05 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.10.29 20:26:05 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.10.29 20:26:05 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2014.10.29 20:26:05 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.10.29 20:26:05 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2014.10.29 20:26:05 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.10.29 20:26:05 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2014.10.29 20:26:05 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2014.10.29 20:26:05 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2014.10.29 20:26:05 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2014.10.29 20:26:05 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2014.10.29 20:26:05 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2014.10.29 20:26:05 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.10.29 20:26:05 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2014.10.29 20:26:05 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2014.10.29 20:26:05 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.10.29 20:26:05 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.10.29 20:26:05 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2014.10.29 20:26:05 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.10.29 20:26:05 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2014.10.29 20:26:05 | 000,016,284 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2014.10.29 20:26:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2014.10.29 20:26:04 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2014.10.29 20:26:04 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2014.10.29 20:26:04 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.10.29 20:26:04 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2014.10.29 20:26:04 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.10.29 20:26:04 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MshtmlDac.dll
[2014.10.29 20:26:04 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2014.10.29 20:26:04 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.10.29 20:26:04 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2014.10.29 20:26:04 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2014.10.29 20:26:04 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.10.29 20:23:29 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsPrint.dll
[2014.10.29 20:23:29 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsPrint.dll
[2014.10.29 20:23:29 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\XpsGdiConverter.dll
[2014.10.29 20:23:29 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\XpsGdiConverter.dll
[2014.10.29 20:23:29 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxgi.dll
[2014.10.29 20:23:29 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014.10.29 20:23:29 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014.10.29 20:23:29 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2014.10.29 20:23:29 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014.10.29 20:23:29 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2014.10.29 20:23:28 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\DWrite.dll
[2014.10.29 20:23:28 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10.dll
[2014.10.29 20:23:28 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10level9.dll
[2014.10.29 20:23:28 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1core.dll
[2014.10.29 20:23:28 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10core.dll
[2014.10.29 20:23:28 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\WindowsCodecsExt.dll
[2014.10.29 20:23:28 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\UIAnimation.dll
[2014.10.29 20:23:28 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\d3d10_1.dll
[2014.10.29 20:23:28 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\UIAnimation.dll
[2014.10.29 17:12:35 | 000,002,533 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.10.29 17:05:39 | 000,002,226 | ---- | M] () -- C:\Users\Lenovo\Desktop\avast! Free Antivirus.lnk
[2014.10.29 12:14:49 | 000,024,064 | ---- | M] () -- C:\windows\zoek-delete.exe
[2014.10.29 10:50:55 | 001,222,144 | ---- | M] () -- C:\Users\Lenovo\Desktop\RSITx64.exe
[2014.10.29 00:51:18 | 554,456,746 | ---- | M] () -- C:\windows\MEMORY.DMP
[2014.10.28 23:55:10 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014.10.28 23:55:10 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.10.28 22:49:39 | 000,111,016 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2014.10.28 22:49:38 | 000,319,912 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2014.10.28 22:49:38 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2014.10.28 22:49:38 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2014.10.28 22:19:40 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.10.28 22:16:08 | 000,436,624 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2014.10.28 22:16:08 | 000,267,632 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014.10.28 22:16:08 | 000,116,728 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswStm.sys
[2014.10.28 22:16:08 | 000,065,776 | ---- | M] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014.10.28 22:16:07 | 000,364,512 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014.10.28 22:16:07 | 000,093,568 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2014.10.28 22:16:07 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2014.10.28 22:16:07 | 000,029,208 | ---- | M] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014.10.28 18:37:49 | 000,289,413 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2014.10.28 18:37:49 | 000,289,413 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2014.10.25 19:07:41 | 000,011,985 | ---- | M] () -- C:\Users\Lenovo\Desktop\password-export-2014-10-25.xml
[2014.10.23 14:51:00 | 000,806,631 | ---- | M] () -- C:\Users\Lenovo\Desktop\Wild.pdf
[2014.10.17 20:05:02 | 000,002,171 | ---- | M] () -- C:\Users\Lenovo\Desktop\Skype.lnk
[2014.10.15 15:56:13 | 000,000,622 | ---- | M] () -- C:\Users\Lenovo\Desktop\zápisky.lnk
[2014.10.10 03:05:59 | 000,276,480 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\generaltel.dll
[2014.10.10 03:05:42 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014.10.10 03:00:38 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll

========== Files Created - No Company Name ==========

[2014.11.02 16:16:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.11.01 19:31:30 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.11.01 19:27:51 | 000,000,952 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.11.01 19:27:50 | 000,000,948 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.11.01 11:19:10 | 000,001,264 | ---- | C] () -- C:\Users\Lenovo\Desktop\Revo Uninstaller.lnk
[2014.10.31 21:49:43 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2014.10.31 21:49:43 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2014.10.31 21:49:43 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2014.10.31 21:49:43 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2014.10.31 21:49:43 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2014.10.31 18:04:56 | 000,021,372 | ---- | C] () -- C:\Users\Lenovo\Desktop\spawn minecraft-plech.png
[2014.10.29 20:45:51 | 001,558,148 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2014.10.29 20:26:07 | 000,016,284 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2014.10.29 20:26:05 | 000,016,284 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2014.10.29 17:12:35 | 000,002,533 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2014.10.29 16:50:08 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014.10.29 12:38:05 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
[2014.10.29 10:47:42 | 001,222,144 | ---- | C] () -- C:\Users\Lenovo\Desktop\RSITx64.exe
[2014.10.29 10:41:35 | 000,002,111 | ---- | C] () -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
[2014.10.29 10:26:25 | 000,011,985 | ---- | C] () -- C:\Users\Lenovo\Desktop\password-export-2014-10-25.xml
[2014.10.29 09:48:53 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014.10.29 09:36:59 | 000,000,987 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014.10.29 04:04:20 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014.10.29 02:12:56 | 000,806,631 | ---- | C] () -- C:\Users\Lenovo\Desktop\Wild.pdf
[2014.10.29 02:12:56 | 000,177,838 | ---- | C] () -- C:\Users\Lenovo\Desktop\Čtenařák 1.A.jpg
[2014.10.29 02:12:56 | 000,002,171 | ---- | C] () -- C:\Users\Lenovo\Desktop\Skype.lnk
[2014.10.29 02:12:56 | 000,000,622 | ---- | C] () -- C:\Users\Lenovo\Desktop\zápisky.lnk
[2014.10.29 02:12:53 | 000,002,226 | ---- | C] () -- C:\Users\Lenovo\Desktop\avast! Free Antivirus.lnk
[2014.10.29 00:51:18 | 554,456,746 | ---- | C] () -- C:\windows\MEMORY.DMP
[2014.10.28 22:19:40 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.10.28 22:19:40 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.10.28 22:16:21 | 000,267,632 | ---- | C] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014.10.28 22:16:21 | 000,065,776 | ---- | C] () -- C:\windows\SysNative\drivers\aswRvrt.sys
[2014.10.28 22:16:21 | 000,029,208 | ---- | C] () -- C:\windows\SysNative\drivers\aswHwid.sys
[2014.10.28 18:35:47 | 3177,074,688 | -HS- | C] () -- C:\hiberfil.sys
[2014.10.28 17:42:37 | 000,001,393 | ---- | C] () -- C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.06.25 03:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.06.25 02:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.10.28 17:53:59 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\AVAST Software
[2014.10.31 17:41:01 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\TS3Client

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,009,288 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2014.11.01 19:27:50 | 000,000,948 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.11.01 19:27:51 | 000,000,952 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\drivers\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 04:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 05:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 05:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 15:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013.10.05 03:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SoftwareDistribution\Download\cee5b8a1732f52c558753983be90a1b0\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\windows\SysNative\cryptsvc.dll
[2013.07.09 06:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 14:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SoftwareDistribution\Download\cee5b8a1732f52c558753983be90a1b0\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 05:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013.05.10 06:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 06:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010.11.21 04:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 05:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 06:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 06:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 06:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 02:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.09.29 04:19:34 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.09.29 04:19:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.09.29 04:19:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.09.29 04:19:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.09.29 04:19:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.09.29 04:19:34 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.09.29 04:19:34 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\windows\SysNative\hal.dll
[2010.11.21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011.02.18 09:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\drivers\iaStor.sys
[2011.02.18 09:11:54 | 000,439,320 | ---- | M] (Intel Corporation) MD5=53CC5BF8B5A219119953C7ABB19A7705 -- C:\windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_52b32c0ad3e84c62\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.09.29 04:23:24 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.09.29 04:23:24 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2011.09.29 04:23:24 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.09.29 04:23:24 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2014.05.30 09:00:12 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=04F6C08B30C599D301CE8530A6F6A703 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22705_none_0505e8508c7f766f\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 07:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\erdnt\cache64\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\windows\SysNative\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18496_none_041bf8b773a9f127\lsass.exe
[2014.04.12 03:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18526_none_0467aa1173712ab7\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22712_none_04f817868c8a465b\lsass.exe
[2014.04.12 03:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22807_none_0507eaca8c7da644\lsass.exe
[2012.06.04 08:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 07:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2014.05.30 09:07:57 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=F23812F9F7B130854E4BC0389F7C688C -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18489_none_0429c981739f213b\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 19:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\windows\SysNative\drivers\ndis.sys
[2012.08.22 19:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows

Dubinek · #29 Příspěvek od **Dubinek** » 02 lis 2014 17:36

\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 04:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\windows\SysNative\netlogon.dll
[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.09.29 04:23:24 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2011.09.29 04:23:24 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.09.29 04:23:24 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 04:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.09.29 04:23:24 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.09.29 04:23:24 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.09.29 04:23:24 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2011.09.29 04:23:24 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.09.29 04:23:24 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\windows\SysNative\scecli.dll
[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 03:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.08.29 02:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 06:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.03.19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\windows\SysNative\smss.exe
[2013.08.02 01:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 03:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 03:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2011.09.29 04:18:24 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2011.09.29 04:22:53 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2011.09.29 04:18:24 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2011.09.29 04:19:45 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=CB6A53EF141CC3DA32DA54F7E75D301B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21687_none_118505f696597a9d\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2011.09.29 04:19:45 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=DC08410DB2D0CC542DACAC7A90E6CB7A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17582_none_10f667b97d405c20\tcpip.sys
[2011.09.29 04:22:53 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 12:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 10:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\windows\SysNative\winlogon.exe
[2014.07.17 03:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 04:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 04:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 04:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.11.02 16:48:50 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\.minecraft
[2014.10.28 20:27:33 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Adobe
[2014.10.28 17:43:01 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\ATI
[2014.10.28 17:53:59 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\AVAST Software
[2014.10.28 17:42:22 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Identities
[2014.10.28 17:43:07 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Intel Corporation
[2014.10.28 20:27:33 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Macromedia
[2011.09.29 04:37:14 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Media Center Programs
[2014.10.29 15:02:43 | 000,000,000 | --SD | M] -- C:\Users\Lenovo\AppData\Roaming\Microsoft
[2014.10.28 19:04:03 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Mozilla
[2014.11.01 18:26:48 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\Skype
[2014.10.31 17:41:01 | 000,000,000 | ---D | M] -- C:\Users\Lenovo\AppData\Roaming\TS3Client

< %APPDATA%\*.exe /s >
[2013.10.17 19:33:36 | 000,966,144 | ---- | M] (TagCraftMC) -- C:\Users\Lenovo\AppData\Roaming\.minecraft\Launcher.exe
[2014.11.02 16:32:19 | 000,067,130 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\.minecraft\Uninstall.exe
[2014.11.02 16:30:35 | 001,592,398 | ---- | M] (TeamExtreme) -- C:\Users\Lenovo\AppData\Roaming\.minecraft\minecraft launcher\Minecraft Launcher.exe
[2014.11.02 16:29:54 | 000,069,255 | ---- | M] () -- C:\Users\Lenovo\AppData\Roaming\.minecraft\minecraft launcher\Uninstall.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.11.01 19:06:17 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt
[2014.10.31 14:22:02 | 001,558,148 | ---- | M] () -- C:\windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"RESTART_STICKY_NOTES" = C:\windows\system32\StikyNot.exe

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.11.02 16:16:53 | 000,000,512 | ---- | M] () MD5=BE50B2A5A39AFC7D6E9237159C2A22B8 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.08.30 01:07:50 | 000,005,369 | ---- | M] () -- \Users\Lenovo\Desktop\bordel\Flaschka\Nová složka (2)\Free Downloader\plugins\crackle.frp
[2003.12.05 14:52:40 | 000,000,796 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\GTA San Andreas\data\Decision\Craig\crack1.ped
[2002.05.30 18:16:22 | 000,013,160 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\Stronghold Crusader\gm\cracks.gm1
[2013.02.01 23:45:14 | 011,247,935 | ---- | M] () -- \Users\Lenovo\Desktop\hudba\Hudba\Motivation\motivation music\freestylers---cracks-ft-belle--humble-(flux-pavilion-remix).mp3
[2012.01.26 15:45:26 | 1454,866,674 | ---- | M] () -- \Users\Lenovo\Desktop\Nepoužívané programy\Starý počítač\starý počítač\hry\The-Settlers-6---Rise-of-an-Empire-Crack-Bull.part2.rar
[2005.03.15 14:15:38 | 000,174,928 | ---- | M] () -- \Users\Lenovo\Desktop\Nepoužívané programy\Starý počítač\starý počítač\stronghold-2-deluxe-cz\Stronghold 2 DeLuxe\meshes\Buildings\castle_wall_crack.DDS
[2005.03.18 20:32:18 | 000,524,416 | ---- | M] () -- \Users\Lenovo\Desktop\Nepoužívané programy\Starý počítač\starý počítač\stronghold-2-deluxe-cz\Stronghold 2 DeLuxe\meshes\Buildings\castle_wall_crack.heightmap.DDS
[2005.06.13 11:47:10 | 000,699,180 | ---- | M] () -- \Users\Lenovo\Desktop\Nepoužívané programy\Starý počítač\starý počítač\stronghold-2-deluxe-cz\Stronghold 2 DeLuxe\meshes\Buildings\castle_wall_crack.normalmap.DDS
[2005.03.07 15:28:46 | 000,043,832 | ---- | M] () -- \Users\Lenovo\Desktop\Nepoužívané programy\Starý počítač\starý počítač\stronghold-2-deluxe-cz\Stronghold 2 DeLuxe\terrain\cracked_peat.dds
[2014.10.05 18:45:06 | 007,860,871 | ---- | M] () -- \Users\Lenovo\Videos\Videa\Forms - The Nutcracker (Djent Goes Christmas 2011).mp3

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2013.09.07 02:54:56 | 000,004,613 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Lenovo\AppData\Local\Pokki\Engine\frames\frame\loader.gif.vir
[2006.10.26 13:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 13:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2014.10.23 11:42:04 | 002,089,088 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader.exe
[2014.10.22 11:54:16 | 000,015,511 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014.10.22 11:54:16 | 000,064,651 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014.10.22 11:54:16 | 000,064,719 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014.10.23 11:41:18 | 000,043,008 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\DownloaderCommon.dll
[2014.10.23 11:40:28 | 000,020,992 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Detector.dll
[2014.10.23 11:36:20 | 000,008,192 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.GlobalSettings.dll
[2014.10.23 11:40:30 | 000,014,336 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.HtmlParser.dll
[2014.10.23 11:40:08 | 000,045,568 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Interface.dll
[2014.10.23 11:36:20 | 000,020,480 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.Miscellaneous.dll
[2014.10.23 11:40:10 | 000,066,048 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Core.dll
[2014.10.23 11:40:12 | 000,158,720 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SmartDownloader.Extensions.dll
[2014.10.23 11:40:30 | 000,147,968 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.SupportedSite.dll
[2014.10.23 11:40:10 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FMWeb\Downloader\FMDownloader.TrackDownloaderLib.dll
[2014.10.23 11:41:20 | 000,256,000 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Model.dll
[2014.10.23 11:40:30 | 000,018,944 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\VideoDownloader.Tools.dll
[2014.10.23 11:41:28 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\cs\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,010,752 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\da\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\de-DE\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,013,312 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\el-GR\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\es-ES\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,016,384 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\fr-FR\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\hu\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,015,872 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\it\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,017,920 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ja-JP\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\nl\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pl\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,015,872 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\pt-BR\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:30 | 000,019,456 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\ru-RU\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,011,264 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\sk\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:28 | 000,012,800 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\uk\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:30 | 000,011,776 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\vi\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:30 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-CN\FreemakeVideoDownloader.resources.dll
[2014.10.23 11:41:30 | 000,010,240 | ---- | M] () -- \Program Files (x86)\Freemake\Freemake Video Downloader\FreemakeVideoDownloader\Languages\zh-TW\FreemakeVideoDownloader.resources.dll
[2011.01.29 00:30:38 | 000,056,416 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\Koan\pyloader.dll
[2011.01.29 00:29:20 | 000,015,969 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\PyUploader.kc
[2011.01.29 00:29:20 | 000,179,296 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\Uploader\_PyUploader.pyd
[2011.01.29 00:29:20 | 002,475,304 | ---- | M] () -- \Program Files (x86)\Lenovo\YouCam\subsys\YouCam\CES_3DLoaderFBX.dll
[2014.10.28 22:16:06 | 000,072,480 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2014.10.28 22:16:06 | 000,085,376 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2014.10.22 11:54:16 | 000,015,511 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014.10.22 11:54:16 | 000,064,651 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014.10.22 11:54:16 | 000,064,719 | ---- | M] () -- \ProgramData\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014.10.29 10:39:53 | 000,001,350 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2014.10.29 10:39:53 | 000,001,332 | ---- | M] () -- \Qoobox\Quarantine\C\zoek_backup\C_Users_Public_Desktop_Freemake Video Downloader.lnk.vir.vir
[2014.10.22 11:54:16 | 000,015,511 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Profiles\FmDownloaderProfiles.xml
[2014.10.22 11:54:16 | 000,064,651 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloader.png
[2014.10.22 11:54:16 | 000,064,719 | ---- | M] () -- \Users\All Users\Freemake\FreemakeUtilsService\ErrorReporter\FMCommon\FreemakeCommon\Resources\VideoDownloaderOn.png
[2014.10.29 10:39:53 | 000,001,350 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Freemake\Freemake Video Downloader.lnk
[2014.10.31 23:01:50 | 000,018,715 | ---- | M] () -- \Users\Lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ZFMFBX1\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014.10.31 23:01:50 | 000,001,980 | ---- | M] () -- \Users\Lenovo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R2G1LQQD\AdLoader[1].htm
[2014.10.06 14:52:24 | 000,072,638 | ---- | M] () -- \Users\Lenovo\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.10.06 14:52:24 | 000,003,032 | ---- | M] () -- \Users\Lenovo\AppData\Local\Skype\Apps\login\images\loader.png
[2014.10.06 14:52:24 | 000,006,012 | ---- | M] () -- \Users\Lenovo\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.10.06 14:52:24 | 000,021,956 | ---- | M] () -- \Users\Lenovo\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.10.06 14:52:24 | 000,009,772 | ---- | M] () -- \Users\Lenovo\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.10.29 10:39:53 | 000,001,437 | ---- | M] () -- \Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall\Uninstall Freemake Video Downloader.lnk
[2010.12.23 14:37:10 | 000,071,008 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\tzs\Farming-Simulator-2011\PhysXLoader.dll
[2010.12.23 14:37:10 | 000,071,008 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\tzs\Farming-Simulator-2011\autorun\PhysXLoader.dll
[2010.12.23 14:37:10 | 000,071,008 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\tzs\Farming-Simulator-2011\Farming.Simulator.2011.ČEŠTINA\LS11-čeština\PhysXLoader.dll
[2010.12.23 14:37:10 | 000,071,008 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\tzs\Farming-Simulator-2011\LS11-čeština\PhysXLoader.dll
[2014.10.29 10:57:52 | 000,000,145 | ---- | M] () -- \Users\Lenovo\Documents\Freemake\FreemakeVideoDownloader\Persistent\DownloaderPersistentList.xml
[2014.10.29 10:37:56 | 001,269,368 | ---- | M] () -- \Users\Lenovo\Downloads\FreemakeVideoDownloaderSetup.exe
[2014.10.29 13:33:21 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2014.10.28 22:16:46 | 000,014,438 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER32.EXE-BB2E4DE4.pf
[2014.10.28 22:16:48 | 000,011,318 | ---- | M] () -- \Windows\Prefetch\ASWWRCIELOADER64.EXE-123116A5.pf
[2013.08.02 03:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\63e7d454eeb6cdac5bd05042201891bd\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\b5eb64a2a2d59058733468e222ed35e9\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | ---- | M] () -- \Windows\SoftwareDistribution\Download\f6446aa2f5f86c06820f4e4200db84ac\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.09.29 04:23:06 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.09.29 04:23:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.01.06 14:20:21 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2012.01.06 14:20:21 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2012.01.06 14:20:21 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2012.01.06 14:20:21 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2012.01.06 14:20:21 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014.10.29 08:48:40 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2014.10.29 08:48:40 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2014.10.29 08:48:40 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2014.10.29 08:48:40 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2014.10.29 08:48:40 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011.09.29 04:18:36 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.09.29 04:18:36 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.09.29 04:18:36 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.09.29 04:18:36 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.09.29 04:18:36 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2012.01.06 14:17:17 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 08:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010.11.21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.09.29 04:18:34 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.09.29 04:18:34 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.09.29 04:23:06 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.09.29 04:23:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.05.13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.10.29 16:37:30 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.04.14 19:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010.04.14 19:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010.04.14 19:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2014.05.13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014.10.29 16:38:02 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2010.10.15 17:36:43 | 000,000,029 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\tzs\Eng Fix\serial.txt
[2012.10.21 14:02:36 | 000,000,029 | ---- | M] () -- \Users\Lenovo\Desktop\HRY\tzs\Farming-Simulator-2011\Eng Fix\serial.txt
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.07.08 13:44:55 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.10.29 20:08:11 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91eb4f41130c65ef17f0fee1d3ab48fb\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.29 20:09:30 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\b1e0939384cc320d6ac7b8921ccc2877\System.Runtime.Serialization.ni.dll
[2014.10.29 20:04:32 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\2a07bf9a29a64827bf06e7853214fc0f\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.29 20:10:26 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
[2014.10.31 14:29:03 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.31 14:29:03 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.31 14:32:46 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
[2014.10.31 14:32:46 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll.aux
[2014.10.31 14:39:59 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.10.31 14:39:59 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.10.31 14:45:19 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.10.31 14:45:19 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\10cfe6422504c1beb7abe4f8f26aa6a8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.10.31 14:47:21 | 003,638,272 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll
[2014.10.31 14:47:21 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\6d9b2d977435904b70f2e1571f7cf026\System.Runtime.Serialization.ni.dll.aux
[2014.10.31 14:50:39 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.10.31 14:50:38 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013.09.11 22:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.06 14:19:54 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 22:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 22:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.06 14:19:51 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014.07.23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 20:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 20:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014.07.14 04:53:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ar-sa_da645b15477ad9eb.manifest
[2014.07.14 05:06:27 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_da-dk_62279955a1ab0e32.manifest
[2014.07.14 04:56:22 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_de-de_626c7a05a176cbe8.manifest
[2014.07.14 04:52:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_el-gr_8f51c7b5bfc9c04a.manifest
[2014.07.14 05:02:31 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_es-es_8f4df603bfcb934e.manifest
[2014.07.14 05:05:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_fi-fi_bd1ae931dd735bf4.manifest
[2014.07.14 04:56:04 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_fr-fr_bcc29c7fddb43b7c.manifest
[2014.07.14 04:55:44 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_he-il_17cc27e0196f027e.manifest
[2014.07.14 05:06:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_hu-hu_177adb4e19a99640.manifest
[2014.07.14 05:02:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_it-it_44ef81ca37923e6e.manifest
[2014.07.14 05:01:05 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ja-jp_727292d65572caab.manifest
[2014.07.14 05:06:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ko-kr_9fd5cde4736642c5.manifest
[2014.07.14 04:52:14 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_nb-no_2829be74cd293de9.manifest
[2014.07.14 05:02:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_nl-nl_2854311ccd07e77c.manifest
[2014.07.14 05:06:57 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_pl-pl_8329ded108e7a268.manifest
[2014.07.14 05:02:11 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_pt-br_82f0e70509113ca4.manifest
[2014.07.14 04:59:37 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_pt-pt_82db61c109214ca8.manifest
[2014.07.14 05:02:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ru-ru_dda73fd345083cdc.manifest
[2014.07.14 04:55:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_sv-se_0bc015b762757499.manifest
[2014.07.14 04:55:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_tr-tr_389a5c6d80d257f0.manifest
[2014.07.14 05:03:57 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_zh-cn_493c76ac345a5d09.manifest
[2014.07.14 05:03:57 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_zh-tw_48db47a634a32819.manifest
[2014.07.14 05:05:41 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ar-sa_c3979db361216d3a.manifest
[2014.07.14 05:10:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_da-dk_4b5adbf3bb51a181.manifest
[2014.07.14 05:09:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_de-de_4b9fbca3bb1d5f37.manifest
[2014.07.14 05:03:01 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_el-gr_78850a53d9705399.manifest
[2014.07.14 05:11:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_es-es_788138a1d972269d.manifest
[2014.07.14 05:11:35 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_fi-fi_a64e2bcff719ef43.manifest
[2014.07.14 05:02:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_fr-fr_a5f5df1df75acecb.manifest
[2014.07.14 05:04:14 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_he-il_00ff6a7e331595cd.manifest
[2014.07.14 05:03:42 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_hu-hu_00ae1dec3350298f.manifest
[2014.07.14 05:09:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_it-it_2e22c4685138d1bd.manifest
[2014.07.14 05:13:29 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ja-jp_5ba5d5746f195dfa.manifest
[2014.07.14 05:13:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ko-kr_890910828d0cd614.manifest
[2014.07.14 05:09:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_nb-no_115d0112e6cfd138.manifest
[2014.07.14 05:05:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_nl-nl_118773bae6ae7acb.manifest
[2014.07.14 05:10:32 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_pl-pl_6c5d216f228e35b7.manifest
[2014.07.14 05:12:27 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_pt-br_6c2429a322b7cff3.manifest
[2014.07.14 05:02:06 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_pt-pt_6c0ea45f22c7dff7.manifest
[2014.07.14 05:08:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ru-ru_c6da82715eaed02b.manifest
[2014.07.14 05:12:10 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_sv-se_f4f358557c1c07e8.manifest
[2014.07.14 05:04:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_tr-tr_21cd9f0b9a78eb3f.manifest
[2014.07.14 05:05:37 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_zh-cn_326fb94a4e00f058.manifest
[2014.07.14 05:05:37 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_zh-tw_320e8a444e49bb68.manifest
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2012.01.06 14:19:41 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2010.11.21 08:06:15 | 000,005,120 | ---- | M] () -- \Windows\System32\en-US\serialui.dll.mui
[2012.01.06 14:23:30 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2012.01.06 14:19:41 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.21 08:06:15 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\en-US\serialui.dll.mui
[2012.01.06 14:23:30 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2012.01.06 14:19:51 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.01.06 14:19:51 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_1e468964c1feb99a\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.01.06 14:19:51 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_1ec35795db263fce\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.01.06 14:19:54 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2010.11.21 08:06:20 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781\serialui.dll.mui
[2012.01.06 14:23:29 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_bb8e310269277fd7\System.RunTime.Serialization.Resources.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_bc0cffc7824d38b9\System.RunTime.Serialization.Resources.dll
[2012.01.06 14:19:55 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2010.11.21 08:06:21 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2014.03.09 22:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014.07.10 23:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010.11.21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2014.03.09 22:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014.07.10 23:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2014.03.17 15:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014.07.08 00:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2011.09.29 04:18:36 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.09.29 04:18:36 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2012.01.06 14:20:21 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2014.10.29 08:49:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_edb61e94e4562781_serialui.dll.mui_7d29d2a3
[2014.10.29 08:48:23 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2012.01.06 14:20:20 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2014.10.29 08:49:15 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b_serialui.dll.mui_7d29d2a3
[2014.10.29 08:48:33 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.09.29 04:18:34 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.09.29 04:18:34 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2014.07.02 07:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014.07.14 03:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2014.07.02 07:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014.07.14 03:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010.11.21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2014.07.02 07:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014.07.14 03:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2014.07.02 07:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014.07.14 03:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010.11.21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2014.07.02 06:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014.07.14 03:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2014.07.02 07:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014.07.14 03:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2012.01.06 14:18:43 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2010.11.21 08:05:51 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2014.07.02 08:46:46 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43.manifest
[2014.07.02 07:12:55 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_en-us_8f47fbdfbfd0e755.manifest
[2014.07.14 05:02:27 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2014.07.14 03:07:18 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_en-us_8f4912f1bfcfe70b.manifest
[2014.07.02 09:08:13 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1.manifest
[2014.07.02 07:12:12 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_en-us_787b5545d9776103.manifest
[2014.07.14 05:06:58 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2014.07.14 02:56:59 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_en-us_787c558fd9767a5a.manifest
[2010.11.21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2014.07.02 07:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014.07.14 03:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2014.07.02 07:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014.07.14 03:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010.11.21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2014.07.02 06:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014.07.14 03:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2014.07.02 07:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014.07.14 03:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014.06.24 00:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2012.01.06 14:19:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.08 13:43:52 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7601.18523_cs-cz_d5997ba9da0ab4d7\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014.07.10 23:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2014.03.17 15:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2013.07.08 13:44:55 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_cs-cz_342b81c984259c43\System.RunTime.Serialization.Resources.dll
[2013.07.08 13:44:55 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9\System.RunTime.Serialization.Resources.dll
[2013.07.09 07:34:25 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_cs-cz_1d5edb2f9dcc15f1\System.RunTime.Serialization.Resources.dll
[2013.07.09 07:34:25 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2012.01.06 14:19:54 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.06 14:19:54 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_289b33b6f65f7b95\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.06 14:19:54 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.22731_cs-cz_291801e80f8701c9\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.01.06 14:19:41 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2010.11.21 08:06:15 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_en-us_919783112bf8b64b\serialui.dll.mui
[2012.01.06 14:23:30 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.18523_cs-cz_5f6f957eb0ca0ea1\System.RunTime.Serialization.Resources.dll
[2012.01.06 14:20:00 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.22733_cs-cz_5fee6443c9efc783\System.RunTime.Serialization.Resources.dll
[2010.11.21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2014.03.09 22:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014.07.10 23:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2014.03.17 15:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014.07.08 00:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

#30 Příspěvek od **Márty84** » 02 lis 2014 18:59

Napiste mi velikost adresare plochy (C:\Users\Lenovo\Desktop)

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
gupdate
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2172694318-107010662-708045567-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
FF - prefs.js..browser.search.suggest.enabled: true
FF - prefs.js..browser.search.useDBForOrder: true
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014.10.31 17:03:35 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\MBAMSwissArmy.sys
[2014.10.31 17:03:12 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbamchameleon.sys
[2014.10.31 17:03:12 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mwac.sys
[2014.10.31 17:03:12 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2014.10.29 10:41:27 | 000,000,000 | ---D | C] -- C:\Users\Lenovo\AppData\Local\Pokki
[2014.10.28 20:09:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.10.29 12:38:05 | 000,024,064 | ---- | C] () -- C:\windows\zoek-delete.exe
[2 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

VIRY.CZ

Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá

Re: Chrome se načte a okamžitě zamrzne- nic nepomáhá