Prosím o kontrolu

Zpráva

#16 Příspěvek od **Márty84** » 05 led 2014 19:35

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

meijo · #17 Příspěvek od **meijo** » 05 led 2014 20:43

OTL Extras logfile created on: 5.1.2014 19:54:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lou\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,91 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 38,07% Memory free
3,82 Gb Paging File | 1,82 Gb Available in Paging File | 47,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 82,98 Gb Free Space | 69,59% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 139,09 Gb Free Space | 90,41% Space Free | Partition Type: NTFS

Computer Name: STEVEN | User Name: Lou | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.txt[@ = txtfile] -- Reg Error: Key error. File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- Reg Error: Key error. File not found
.txt [@ = txtfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06BFB33C-26AA-46EA-94E4-B8534C698398}" = rport=2869 | protocol=6 | dir=out | app=system |
"{0786A364-2B01-4C53-8979-300288807636}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{08A457A1-734E-49D7-A616-828574895B9A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{107B811E-B553-4FCA-9536-B478010CDCA7}" = rport=138 | protocol=17 | dir=out | app=system |
"{1C65F210-BB36-48FA-8EFE-8886C951763E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1DCB3DC0-1B00-4291-A690-4C3A2CA3997A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{204A6AA5-9247-4962-B215-AE31E13E695F}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{281E9FD7-2032-4F39-A098-4EE62FF5D9B7}" = rport=445 | protocol=6 | dir=out | app=system |
"{29CD2722-6BA7-4EC8-89D5-CF6E92A05AD9}" = lport=137 | protocol=17 | dir=in | app=system |
"{2A111800-0A03-4184-8870-5E18C501CCDE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2B3179C0-4536-4731-8B87-D74B010D26DD}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{2C585195-9FCE-4792-A480-EF451CAEFBB6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2CAF5E9A-91FD-46A0-B18B-6B737DB4AC3C}" = lport=445 | protocol=6 | dir=in | app=system |
"{2F9A7948-CE7E-4245-93B2-170FD3DD4190}" = rport=10243 | protocol=6 | dir=out | app=system |
"{35C791D5-91DD-410A-9447-FB0993AE23ED}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}" = lport=48113 | protocol=6 | dir=in | name=maconfig_tcp |
"{3AEC513F-B412-40F0-B657-FC725167FBD4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{45E40DFE-8F8F-4DAD-8C05-5E609E15992A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A6F1D1D-FDCB-4C8A-BD97-53D44BC2F0A8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BA8D8FE-6809-4D27-AC0B-1BC5E50FCB2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{51F66EA3-9EE3-4325-BA7E-82C8FE757DFA}" = rport=137 | protocol=17 | dir=out | app=system |
"{5A76FBD3-8816-4EBF-A186-500580E78C9F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E6FB616-7594-4335-93DD-84406CC96481}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5FE2061E-339F-4610-88CC-729DEE71D75B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6BEDC008-668C-47E3-8500-4F0896F7E059}" = lport=2869 | protocol=6 | dir=in | app=system |
"{740197B5-9B91-43DC-9448-5F2FAA99E4ED}" = lport=48113 | protocol=17 | dir=in | name=maconfig_udp |
"{749E4E68-5A9D-4310-B9DB-2C57114EA704}" = rport=139 | protocol=6 | dir=out | app=system |
"{7AB8A74F-8F07-419F-ACFC-4498ED2E68B8}" = lport=138 | protocol=17 | dir=in | app=system |
"{7CDD9E95-C503-4711-97BD-25BA5ADAA3DC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8193A909-AA2C-4855-AB2B-590095767258}" = lport=139 | protocol=6 | dir=in | app=system |
"{81F3F1BE-C324-4F69-A573-9E1CC7E11F86}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{89AF3C29-2267-4430-8F80-8A51FE06F2F1}" = rport=137 | protocol=17 | dir=out | app=system |
"{8C1C3703-E06E-47A6-9E46-5E64680CA835}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{8C6DD438-7D20-471A-B7F7-F772EBC1BF19}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8D495CD9-8999-47E1-9FD4-E3827DC44934}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EE53228-67B7-4914-B14B-3A8E2EDDE914}" = rport=10243 | protocol=6 | dir=out | app=system |
"{91B46EBF-2E80-47F7-8B62-70DE1D608599}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{991E6F72-B990-4A19-8C29-3A8C3AD992CB}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{99982C45-23E8-4D48-B59B-65083A051144}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9CE50617-1979-4D3D-B8C3-6D0CB94C2442}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A3D9A423-85ED-46CA-B0C5-70D0EC5ABC85}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A85C8925-6F5D-4A82-9422-45EF52EC4172}" = rport=445 | protocol=6 | dir=out | app=system |
"{A967DE42-167E-4855-ABBD-8E79F01FE451}" = rport=139 | protocol=6 | dir=out | app=system |
"{B8A744A2-B4A6-46E1-84DE-5301D35FFB30}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9288DD1-EEBA-4680-B8BC-CC55CA96209A}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{BC18753B-6C83-41E8-AAE2-4E5B45B936D6}" = lport=138 | protocol=17 | dir=in | app=system |
"{C00F8C88-4807-46C6-85DB-B33959358FC3}" = lport=139 | protocol=6 | dir=in | app=system |
"{C2C5F420-5805-4DBB-B90F-8DD3C81203C3}" = rport=138 | protocol=17 | dir=out | app=system |
"{C331311B-2823-45E6-8185-B230BF69F466}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C8A59E0E-8E2D-40C3-9065-A5B852D51944}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CF4A6FFC-10B6-4F5E-8714-82B33DBFB8F9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{E1D85F95-A94D-4241-9D4E-529F491D7599}" = lport=137 | protocol=17 | dir=in | app=system |
"{E7D9CD4E-5B6C-4799-BAA5-19D8824CA721}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EBDCAFF5-C12B-4F41-B535-CE5A3DE5AAEE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6216EE3-F64E-4A1C-9AF2-5C37ED9C604D}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F999BC84-123D-41E5-9EAF-2B8213411581}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{065AA441-0833-457B-82A2-D8F2711C9DD1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{24310495-F783-411F-A084-73198978FBE0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{279099E3-6295-4DA4-ACF4-F5A6EEE339B8}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2A9B9A84-CB7D-4E2D-9CA8-9ACB2607E65F}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{2CD3A937-F389-4B6C-9B89-BD74A393AB2F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{33F3D9D0-7471-4841-91CF-A1E21FEEA5AE}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ids.application.exe |
"{37E3F20F-DE20-4516-B208-CC46191BDD72}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3B7D54D3-86E6-4AE3-867F-4CCC155F1502}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{440E73F0-22AF-422D-BE12-31564BCC11A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{498A83E7-1F64-453F-853B-04342943D1ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{49AD4FE5-E495-4266-B3EF-40FFB6736291}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4DA3135C-FE3A-4327-9163-37CEA0209ED3}" = protocol=6 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"{504F4A6F-8606-420D-97A4-993F0BE36D10}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{51A112D3-DF5A-4F9D-805E-D3A78FB051C5}" = protocol=6 | dir=out | app=system |
"{5260BFDC-33FF-4DD1-A3CA-6DD1226708CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5609ACD3-BB0F-48AA-A58F-1750922DB33E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D1D5A78-7350-4D94-9286-F612E67AC0EA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5F67A69E-5798-43FF-A8DF-B45D2ADC41FE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6139F920-28CF-42C2-88F3-A92660C1E375}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{63722777-5A39-4A7A-9DC0-700C7D803868}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{65D430CA-9A93-484F-AA64-91ECDB216CFA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{72065031-1BF3-4F91-B949-0DE7443A32EA}" = dir=in | app=c:\program files (x86)\intel corporation\intel wireless display\widiapp.exe |
"{73ED6059-4ABF-47AB-9995-8C99139D618D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{75F7ED18-0511-4362-A6A1-FD4D619DE3ED}" = protocol=17 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"{7B0CA09B-E132-4AA1-8B28-59AA97CB5C57}" = protocol=17 | dir=in | app=c:\program files\ma-config.com\x64\maconfservice.exe |
"{7DD78F41-0DE3-4A22-B4B1-7387AB7A68D2}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{801DBE9D-8D98-4844-B72B-3BDA734AF2DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8135D217-E75D-442A-A005-DE4E4BFBAB77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{867F4559-0F94-4C5F-805D-18B5C77CD238}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89EAB2DD-ABB2-46C7-BCEC-67FF20149FE1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{94CF6955-4608-45DB-8980-AAB5E10C1DCB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{98AEB7DC-CEAB-4136-B427-919EF8E9DD0A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9B15F693-7BE6-4C83-ACC0-C481A95321E0}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{9CA207B6-E4FD-4D6E-874D-0DCBF67E3E22}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9CD09840-B549-4F75-9EEB-6BE3B543DAE8}" = protocol=6 | dir=in | app=c:\program files\ma-config.com\x64\maconfservice.exe |
"{A2B2831B-5ACC-4570-A669-426C43D32633}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{A7C6B549-0E58-455B-926C-B4B2290FDA31}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{ABF01636-2F0B-4E94-A56E-7BA576A8633C}" = protocol=6 | dir=out | app=system |
"{AD29B28E-7AA3-4C13-8BCB-E7373F378ED2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AF4AE69A-970E-423A-BC81-27A1EA6D36DD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{AFDE30E9-49C2-4D1A-8A7B-082552FC6659}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{B27FF543-EAF1-45B6-8986-A51A18550C6C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B898C53B-71DE-4492-A9BD-BC2CE15796A0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8B4E785-9232-4B9A-8B01-74C63AC2AA26}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{BA659944-BC85-4713-9144-787918C6CFB8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CA4FBA7B-F959-46B2-ACC2-2C6D06146C56}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD0F0E7A-A369-4DF2-AD44-FD43253648CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD9446C2-EE13-4B1B-AB86-3CCE70915DA6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D3A33543-AF0F-4C92-9605-CBC2E513D30C}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\idsalert.exe |
"{D49F362E-2FE8-42CB-B97A-89E42D3B2A50}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D606BCF0-90F3-4E56-8869-4C6C0687392D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D7B37B27-4376-459F-97E5-7443A70F4D66}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\ordersupplies.exe |
"{E0D30F80-AA73-4689-BE43-F635F592B237}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\easy printer manager\cdas2pc\cdas2pc.exe |
"{E73554F3-E436-4AB7-8367-F7FC434EAEEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EEA677F1-C048-45A7-BEA7-FEA8AC885BCC}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F10F74AA-0DF1-4194-B732-0B7ACB5FB7F2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F870DF9B-DED2-4B7F-8AD8-5AEF481C2510}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F936AA1A-019D-4E9D-B31F-4BB48EE6C739}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FFC94CB1-CCCD-41E4-ACF1-BB4DF0D59C4E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{6D0D83BF-46DD-4AD9-ADAF-FEFDCBDD8796}C:\program files\hexchat\hexchat.exe" = protocol=6 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"TCP Query User{AE749F0B-142C-4B94-A4B8-6D2D4A3E1A1D}C:\program files (x86)\java\jre6\launch4j-tmp\frd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\launch4j-tmp\frd.exe |
"TCP Query User{E37493F8-C5FE-44CF-BE19-A6D716132D7A}E:\programmation\qtchat\release\qtchat.exe" = protocol=6 | dir=in | app=e:\programmation\qtchat\release\qtchat.exe |
"TCP Query User{E4714ADC-D31E-483B-BED7-EE134571BD0A}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe |
"UDP Query User{04870D66-C8F2-469A-BBEE-DB139BBAEF25}C:\program files (x86)\valve\portal 2\portal2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\portal 2\portal2.exe |
"UDP Query User{35CE3A0D-04E0-4137-BD84-AA59DAD8ACD3}C:\program files\hexchat\hexchat.exe" = protocol=17 | dir=in | app=c:\program files\hexchat\hexchat.exe |
"UDP Query User{3F0E3304-0C0E-40F8-8A2D-3D5BED2118F3}C:\program files (x86)\java\jre6\launch4j-tmp\frd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\launch4j-tmp\frd.exe |
"UDP Query User{44823339-CF28-4006-8630-458A16074A94}E:\programmation\qtchat\release\qtchat.exe" = protocol=17 | dir=in | app=e:\programmation\qtchat\release\qtchat.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031A0E14-0413-4C97-9772-2639B782F46F}" = Common Desktop Agent
"{0437C01E-70D6-489B-B504-952F59912A72}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1730D13B-7517-4321-A88B-64627CF67CDC}_is1" = Logon Screen
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{3C8159DD-1890-4625-A5B2-E3D8D78D4486}" = AVG 2012
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4827A9B4-FC4C-4BA9-9EFB-10CF703E7C3A}" = Windows Live Family Safety
"{4970B06C-7708-4AAB-9341-3FD1D9B1AA34}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{65EDA937-3C7B-4009-99A1-795FD3FBECF5}" = Windows Live Family Safety
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{76BB831E-D059-449A-AFDE-2A677E45DF18}" = Windows Live Family Safety
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8068ACF9-B398-4C14-BEF6-817F12024707}" = Windows Live Family Safety
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A6752BB4-C571-4F3B-9A47-97405068DE0B}" = Windows Live Family Safety
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BD864ECC-620D-4240-AB9A-B5F7340E337C}" = Windows Live Family Safety
"{C02C2C22-2EB1-47C8-B74F-8AB1A62FAE31}" = Windows Live Family Safety
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C933FB4A-CFC0-4DDD-8FB1-A437B6C58B34}" = Windows Live Family Safety
"{CB5FBF73-7CE7-481C-8598-8D4C34705C23}" = Windows Live Family Safety
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"CCleaner" = CCleaner
"EPSON SX218 Series" = EPSON SX218 Series Printer Uninstall

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{52E225FC-FCB4-41F7-837B-6E37FB05BD7B}" = Adobe AIR
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 14
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Czech
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}" = Google+ Auto Backup
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"avast" = avast! Free Antivirus
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.14.1206
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"Mozilla Firefox 19.0.2 (x86 cs)" = Mozilla Firefox 19.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"Samsung Easy Printer Manager" = Samsung Easy Printer Manager
"Samsung ML-2160 Series" = Samsung ML-2160 Series
"Samsung Printer Live Update" = Samsung Printer Live Update
"VLC media player" = VLC media player 2.0.7
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12.11.2012 17:18:46 | Computer Name = Steven | Source = MsiInstaller | ID = 1024
Description =

Error - 12.11.2012 17:18:48 | Computer Name = Steven | Source = MsiInstaller | ID = 1024
Description =

Error - 12.11.2012 17:19:00 | Computer Name = Steven | Source = MsiInstaller | ID = 10005
Description =

Error - 12.11.2012 17:19:01 | Computer Name = Steven | Source = MsiInstaller | ID = 1024
Description =

Error - 12.11.2012 17:19:14 | Computer Name = Steven | Source = MsiInstaller | ID = 10005
Description =

Error - 12.11.2012 17:19:16 | Computer Name = Steven | Source = MsiInstaller | ID = 1024
Description =

Error - 12.11.2012 17:19:26 | Computer Name = Steven | Source = MsiInstaller | ID = 10005
Description =

Error - 12.11.2012 17:19:26 | Computer Name = Steven | Source = MsiInstaller | ID = 1024
Description =

Error - 12.11.2012 17:19:37 | Computer Name = Steven | Source = MsiInstaller | ID = 10005
Description =

Error - 12.11.2012 17:19:37 | Computer Name = Steven | Source = MsiInstaller | ID = 1024
Description =

[ System Events ]
Error - 3.1.2014 18:49:40 | Computer Name = Steven | Source = ipnathlp | ID = 31004
Description =

Error - 3.1.2014 18:53:50 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 3.1.2014 19:22:00 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 4.1.2014 5:21:00 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 4.1.2014 5:22:20 | Computer Name = Steven | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.1.106. Počítač s IP adresou 192.168.1.103 nepovolil získání názvu tímto počítačem.

Error - 4.1.2014 6:49:33 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 4.1.2014 7:01:38 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 4.1.2014 16:46:15 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 4.1.2014 17:36:22 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

Error - 5.1.2014 6:29:49 | Computer Name = Steven | Source = Service Control Manager | ID = 7003
Description = Služba ATKGFNEX Service závisí na následující službě: ASMMAP64. Tato
služba pravděpodobně není nainstalována.

< End of report >

meijo · #18 Příspěvek od **meijo** » 05 led 2014 20:49

OTL logfile created on: 5.1.2014 19:54:27 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lou\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,91 Gb Total Physical Memory | 0,73 Gb Available Physical Memory | 38,07% Memory free
3,82 Gb Paging File | 1,82 Gb Available in Paging File | 47,66% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 82,98 Gb Free Space | 69,59% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 139,09 Gb Free Space | 90,41% Space Free | Partition Type: NTFS

Computer Name: STEVEN | User Name: Lou | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.01.05 15:13:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lou\Desktop\OTL.exe
PRC - [2013.12.25 08:55:50 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.12.25 08:55:50 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.08.31 15:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011.08.02 22:31:22 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.01.25 19:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.15 18:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010.10.07 22:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.08.17 22:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.06.19 18:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 18:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008.12.23 01:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 05:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

========== Modules (No Company Name) ==========

MOD - [2013.12.15 13:22:29 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
MOD - [2013.12.15 13:21:45 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bcf51dc88597d0835c819a2d5a755b74\PresentationFramework.ni.dll
MOD - [2013.12.15 13:21:23 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013.12.15 13:21:12 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013.12.15 13:21:05 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013.12.15 13:21:00 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013.12.15 13:20:58 | 012,238,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\51478a61dbd40488e320a0061e23c4df\PresentationCore.ni.dll
MOD - [2013.12.15 13:20:43 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013.12.15 13:20:39 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013.12.15 13:20:30 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013.12.04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013.12.04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013.12.04 03:47:11 | 000,702,416 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
MOD - [2013.12.04 03:47:11 | 000,099,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
MOD - [2013.12.04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
MOD - [2013.11.21 21:58:43 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2011.08.31 15:33:32 | 000,208,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011.02.19 06:35:31 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.19 06:35:31 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.11.13 03:00:59 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013.12.25 08:55:50 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.01.25 22:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.17 09:32:56 | 000,241,488 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe -- (TiMiniService)
SRV - [2013.12.14 15:00:56 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.11.07 01:52:56 | 000,279,000 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.05.11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.03.08 09:29:36 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2011.08.02 22:31:22 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.08.02 22:13:24 | 000,103,584 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.12.21 02:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 02:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.12.15 18:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Stopped] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 01:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.12.25 08:56:23 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2013.12.25 08:56:01 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2013.12.25 08:56:01 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2013.12.25 08:56:01 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2013.12.25 08:56:01 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013.11.21 21:58:49 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013.11.21 21:58:49 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013.11.07 01:52:44 | 005,363,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.09.05 20:19:31 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 14:16:48 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.10.07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011.09.13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011.08.08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011.08.02 22:22:52 | 000,511,136 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.08.02 22:22:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.08.02 22:21:50 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.08.02 22:21:20 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.08.02 22:21:04 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.08.02 22:20:50 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.08.02 22:20:34 | 000,110,240 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.08.02 22:20:18 | 000,330,912 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.07.11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011.07.11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011.07.11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011.07.11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011.06.27 01:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.06.02 18:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 18:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.05.23 01:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.31 11:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.23 08:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.17 09:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010.09.17 09:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010.09.17 09:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010.09.17 09:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010.08.24 10:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.05.24 01:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010.07.26 21:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO_)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... -SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\..\SearchScopes\{73DCF60E-7F7C-4D7E-A0D8-A585D43DD3C1}: "URL" = http://www.google.com/search?q={searchT ... f8&oe=utf8
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={se ... chr-comodo
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:8.0.1482
FF - prefs.js..extensions.enabledAddons: %7B77d2ed30-4cd2-11e0-b8af-0800200c9a66%7D:5.6
FF - prefs.js..browser.startup.homepage: "http://us.yahoo.com?fr=fp-comodo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2012.04.14 23:12:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.12.25 08:56:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.08 09:29:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2013.01.27 12:26:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lou\AppData\Roaming\mozilla\Extensions
[2011.12.26 11:51:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions
[2011.12.26 11:51:38 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2014.01.04 10:47:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions
[2014.01.04 10:47:55 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2013.03.07 18:06:56 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2014.01.03 23:46:29 | 000,537,103 | ---- | M] () (No name found) -- C:\Users\Lou\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\PrivDog@AdTrustMedia.com.xpi
[2014.01.04 10:47:51 | 000,000,905 | ---- | M] () -- C:\Users\Lou\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\yahoo_ff.xml
[2013.03.08 09:29:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.12.25 08:56:02 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.03.08 09:29:37 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.03 13:57:13 | 000,002,421 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\heureka-cz.xml
[2013.03.03 13:57:13 | 000,000,851 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\jyxo-cz.xml
[2013.03.03 13:57:13 | 000,001,580 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\seznam-cz.xml
[2013.03.03 13:57:13 | 000,000,867 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\slunecnice-cz.xml
[2013.03.03 13:57:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-cz.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: AdBlock = C:\Users\Lou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0\
CHR - Extension: avast! Online Security = C:\Users\Lou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Users\Lou\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\

O1 HOSTS File: ([2014.01.05 12:39:09 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HControl.exe (ASUS)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStartupSound = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O7 - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll ()
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FB759A-94F3-4B9E-BDF6-767512FF016C}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O18 - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.01.05 15:13:21 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lou\Desktop\OTL.exe
[2014.01.05 11:41:40 | 000,016,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014.01.05 11:41:39 | 000,154,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2014.01.05 11:41:38 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014.01.05 11:41:38 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014.01.05 11:41:35 | 000,129,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014.01.05 11:41:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014.01.05 11:41:33 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014.01.05 11:41:32 | 000,052,736 | ---- | C] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys.bak
[2014.01.05 11:41:32 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014.01.05 11:41:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014.01.05 11:41:32 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014.01.05 11:41:30 | 000,144,464 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys.bak
[2014.01.05 11:41:30 | 000,105,552 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys.bak
[2014.01.05 11:41:30 | 000,067,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys.bak
[2014.01.05 11:41:30 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014.01.05 11:41:30 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014.01.05 11:41:29 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys.bak
[2014.01.05 11:41:29 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014.01.05 11:41:27 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014.01.05 11:41:27 | 000,068,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014.01.05 11:41:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014.01.05 11:41:27 | 000,024,656 | ---- | C] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014.01.05 11:41:27 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS.bak
[2014.01.05 11:41:26 | 000,426,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014.01.05 11:41:25 | 000,056,832 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\Windows\SysNative\drivers\SiSG664.sys.bak
[2014.01.05 11:41:25 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014.01.05 11:41:23 | 000,171,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014.01.05 11:41:22 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014.01.05 11:41:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014.01.05 11:41:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014.01.05 11:41:21 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2014.01.05 11:41:17 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014.01.05 11:41:13 | 000,048,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014.01.05 11:41:04 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014.01.05 11:40:55 | 000,065,600 | ---- | C] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.05 11:40:55 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014.01.05 11:40:54 | 000,076,912 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2014.01.05 11:40:52 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014.01.05 11:40:51 | 000,317,440 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2014.01.05 11:40:50 | 005,363,200 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014.01.05 11:40:49 | 000,438,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014.01.05 11:40:48 | 000,078,720 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014.01.05 11:40:48 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014.01.05 11:40:47 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014.01.05 11:40:47 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014.01.05 11:40:46 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014.01.05 11:40:46 | 000,031,232 | ---- | C] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.05 11:40:46 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014.01.05 11:40:45 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2014.01.05 11:40:43 | 003,286,016 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014.01.05 11:40:43 | 000,138,024 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys.bak
[2014.01.05 11:40:42 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014.01.05 11:40:42 | 000,038,328 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2014.01.05 11:40:41 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014.01.05 11:40:41 | 000,055,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014.01.05 11:40:41 | 000,028,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014.01.05 11:40:41 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014.01.05 11:40:40 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014.01.05 11:40:40 | 000,027,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014.01.05 11:40:39 | 000,039,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014.01.05 11:40:38 | 000,179,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014.01.05 11:40:37 | 000,468,480 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014.01.05 11:40:35 | 000,511,136 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btfilter.sys.bak
[2014.01.05 11:40:35 | 000,280,992 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_rcp.sys.bak
[2014.01.05 11:40:35 | 000,167,584 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_hcrp.sys.bak
[2014.01.05 11:40:35 | 000,068,256 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_lwflt.sys.bak
[2014.01.05 11:40:35 | 000,036,000 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_flt.sys.bak
[2014.01.05 11:40:34 | 000,330,912 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_a2dp.sys.bak
[2014.01.05 11:40:34 | 000,110,240 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_avdt.sys.bak
[2014.01.05 11:40:34 | 000,030,368 | ---- | C] (Atheros) -- C:\Windows\SysNative\drivers\btath_bus.sys.bak
[2014.01.05 11:40:31 | 000,270,848 | ---- | C] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014.01.05 11:40:31 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014.01.05 11:40:31 | 000,028,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014.01.05 11:40:30 | 000,375,376 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014.01.05 11:40:30 | 000,283,728 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014.01.05 11:40:30 | 000,046,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014.01.05 11:40:30 | 000,037,456 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014.01.05 11:40:30 | 000,029,776 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys.bak
[2014.01.05 11:40:30 | 000,026,704 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys.bak
[2014.01.05 11:40:29 | 000,120,400 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys.bak
[2014.01.05 11:40:28 | 002,753,536 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2014.01.05 11:40:28 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014.01.05 11:40:28 | 000,048,992 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
[2014.01.05 11:40:27 | 000,401,896 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys.bak
[2014.01.05 11:40:27 | 000,128,488 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmthub3.sys.bak
[2014.01.05 11:40:25 | 000,194,128 | ---- | C] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.05 11:40:25 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014.01.05 11:40:25 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014.01.05 11:40:21 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014.01.05 11:38:43 | 000,000,000 | ---D | C] -- C:\Users\Lou\Desktop\RK_Quarantine
[2014.01.04 22:39:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.04 22:06:31 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.04 21:49:38 | 000,000,000 | ---D | C] -- C:\rsit
[2014.01.04 15:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.01.04 10:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014.01.04 00:08:58 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2014.01.04 00:08:58 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2014.01.03 23:47:22 | 000,000,000 | ---D | C] -- C:\Users\Lou\AppData\Local\AdTrustMedia
[2014.01.03 23:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\AdTrustMedia
[2014.01.03 23:46:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Adtrustmedia
[2014.01.03 23:33:36 | 000,000,000 | ---D | C] -- C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
[2014.01.03 19:55:55 | 000,000,000 | ---D | C] -- C:\Users\Lou\AppData\Roaming\SUPERAntiSpyware.com
[2014.01.03 19:55:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013.12.27 14:56:39 | 000,000,000 | ---D | C] -- C:\Users\Lou\Desktop\doc
[2013.12.25 09:15:29 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
[2013.12.25 09:15:28 | 000,000,000 | ---D | C] -- C:\Users\Lou\AppData\Roaming\Samsung
[2013.12.25 09:14:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
[2013.12.25 09:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2013.12.25 09:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SamsungPrinterLiveUpdate
[2013.12.25 09:14:06 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\ssj1mci.exe
[2013.12.25 09:14:05 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\ssj1mci.dll
[2013.12.25 09:13:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2013.12.25 08:56:23 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013.12.23 20:32:50 | 004,558,848 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2013.12.15 11:59:36 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2013.12.15 11:59:35 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2013.12.15 11:59:34 | 011,410,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2013.12.15 11:59:31 | 014,631,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2013.12.15 11:44:17 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013.12.15 11:07:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.12.15 11:07:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.12.15 11:07:43 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.12.15 11:07:39 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.12.15 11:07:39 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013.12.15 11:07:39 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.12.15 11:07:32 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.12.15 11:07:32 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.12.15 11:07:32 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.12.15 11:07:32 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.12.15 11:07:32 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.12.15 11:07:32 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.12.15 11:07:31 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.12.15 11:07:31 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.12.15 11:07:31 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.12.15 11:07:31 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.12.15 11:07:31 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.12.15 11:07:31 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.12.15 11:07:30 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.12.15 11:07:30 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.12.15 11:07:30 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013.12.15 11:07:30 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.12.15 11:07:29 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.12.15 11:07:28 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.12.15 11:07:27 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.12.15 11:00:07 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.12.15 11:00:06 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.12.15 11:00:04 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.12.15 11:00:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.12.15 11:00:03 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.12.15 11:00:03 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.12.15 11:00:00 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.12.15 11:00:00 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.12.15 10:59:59 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.12.15 10:59:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.12.15 10:59:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.12.15 10:59:52 | 002,334,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.12.15 10:59:51 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.12.15 10:59:51 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.12.15 10:59:51 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.12.15 10:29:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.12.15 10:21:08 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.12.15 10:21:08 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013.12.15 10:21:07 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.12.15 10:21:07 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013.12.15 10:21:04 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.12.15 10:21:04 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013.12.15 10:20:58 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.12.15 10:20:58 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.12.15 10:20:58 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.12.15 10:20:58 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.12.15 10:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.12.15 10:20:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.12.15 10:20:58 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.12.15 10:20:58 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.12.15 10:20:57 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.12.15 10:20:57 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.12.15 10:20:57 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.12.15 10:20:56 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.12.15 10:20:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.12.15 10:20:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.12.15 10:20:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.12.15 10:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.12.15 10:20:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.12.15 10:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.12.15 10:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.12.15 10:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.12.15 10:20:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.12.15 10:20:55 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.12.15 10:20:55 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.12.15 10:20:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.12.15 10:20:55 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.12.15 10:20:54 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.12.15 10:20:53 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.12.15 10:20:52 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013.12.15 10:20:52 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013.12.15 10:20:51 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.12.15 10:20:51 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.12.15 10:20:51 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.12.15 10:20:50 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.12.15 10:14:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013.12.15 10:14:36 | 000,032,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys
[2013.12.15 10:14:27 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.12.15 10:14:27 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.12.15 10:14:22 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2013.12.15 10:14:22 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2013.12.15 10:13:29 | 005,549,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.12.15 10:13:28 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.12.15 10:13:27 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.12.15 10:13:27 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.12.15 10:13:27 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2013.12.15 10:13:27 | 000,859,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdh.dll
[2013.12.15 10:13:26 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdh.dll
[2013.12.15 10:13:26 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.12.15 10:13:25 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.12.15 10:13:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.12.15 10:13:25 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.12.15 10:13:24 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.12.15 10:13:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.12.15 10:13:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.12.15 10:13:16 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.12.15 10:13:15 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.12.15 10:13:15 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.12.15 10:13:15 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.12.15 10:13:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.12.15 10:13:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.12.15 10:13:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.12.15 10:13:14 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.12.15 10:13:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.12.15 10:13:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.12.15 10:13:14 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.12.15 10:13:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.12.15 10:13:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.12.15 10:13:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.12.15 10:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.12.15 10:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.12.15 10:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.12.15 10:13:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.12.15 10:13:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.12.15 10:13:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.12.15 10:13:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.12.15 10:13:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.12.15 10:13:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.12.15 10:13:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.12.15 10:13:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.12.15 10:13:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.12.15 10:13:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.12.15 10:13:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.12.15 10:13:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.12.15 10:13:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.12.15 10:13:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.12.15 10:13:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.12.15 10:13:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.12.15 10:13:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.12.15 10:12:40 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.12.15 10:11:58 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.12.15 10:11:58 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.12.15 10:11:57 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.12.15 10:11:57 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.12.15 10:11:25 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.12.15 10:11:25 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.12.15 10:11:23 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.12.15 10:11:22 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.12.15 10:11:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2013.12.15 10:11:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2013.12.15 10:11:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2013.12.15 10:11:09 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.12.15 10:11:00 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.12.15 10:10:24 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.12.15 10:10:24 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.12.15 10:10:11 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.12.15 10:10:11 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.12.15 10:10:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll
[2013.12.15 10:10:11 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll
[2013.12.15 10:10:10 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll
[2013.12.15 10:09:25 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.12.15 10:09:03 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.12.15 10:08:51 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msieftp.dll
[2013.12.15 10:08:44 | 000,301,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msieftp.dll
[2013.12.15 10:08:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.12.15 10:08:36 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys
[2013.12.15 10:08:36 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys
[2013.12.15 10:08:33 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2013.12.15 10:08:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.12.15 10:08:10 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
[2013.12.15 10:08:09 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.12.15 10:08:09 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.12.15 10:08:09 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.12.15 10:08:08 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.12.15 10:08:06 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\davclnt.dll
[2013.12.15 10:08:03 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cscript.exe
[2013.12.15 10:08:03 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wshom.ocx
[2013.12.15 10:08:03 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wshom.ocx
[2013.12.15 10:08:02 | 000,202,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scrrun.dll
[2013.12.15 10:08:01 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\scrrun.dll
[2013.12.15 10:08:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cscript.exe
[2013.12.15 10:08:00 | 000,368,128 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2013.12.15 10:08:00 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2013.12.15 10:08:00 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2013.12.15 10:07:59 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2013.12.15 10:07:59 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2013.12.15 10:07:59 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.12.15 10:07:59 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2013.12.15 10:07:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2013.12.15 10:07:58 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2013.12.15 10:07:46 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.12.15 10:07:03 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.12.15 10:07:02 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2013.12.15 10:05:57 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.12.15 10:05:57 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.12.15 10:00:01 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2013.12.15 10:00:01 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2013.12.15 09:54:15 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll
[2013.12.15 09:54:15 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll
[2013.12.15 09:54:15 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL
[2013.12.15 09:54:15 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL
[2013.12.15 09:54:06 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll
[2013.12.08 00:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2013.12.07 22:14:40 | 000,000,000 | ---D | C] -- C:\Users\Lou\AppData\Roaming\Intel
[2013.12.07 22:14:33 | 000,000,000 | ---D | C] -- C:\Users\Lou\Roaming
[2013.12.07 22:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[1 C:\Users\Lou\Desktop\*.tmp files -> C:\Users\Lou\Desktop\*.tmp -> ]

meijo · #19 Příspěvek od **meijo** » 05 led 2014 20:50

========== Files - Modified Within 30 Days ==========

[2014.01.05 19:57:03 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.01.05 19:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.01.05 18:22:29 | 000,120,187 | ---- | M] () -- C:\Users\Lou\Desktop\....jpg
[2014.01.05 15:13:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lou\Desktop\OTL.exe
[2014.01.05 14:28:07 | 000,832,273 | ---- | M] () -- C:\Users\Lou\Desktop\RSITx64.exe
[2014.01.05 12:39:09 | 000,000,741 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.01.05 11:41:40 | 000,016,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wmilib.sys.bak
[2014.01.05 11:41:39 | 000,154,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WimFltr.sys.bak
[2014.01.05 11:41:39 | 000,054,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys.bak
[2014.01.05 11:41:38 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\watchdog.sys.bak
[2014.01.05 11:41:35 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\videoprt.sys.bak
[2014.01.05 11:41:34 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys.bak
[2014.01.05 11:41:34 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys.bak
[2014.01.05 11:41:32 | 000,052,736 | ---- | M] (Apple, Inc.) -- C:\Windows\SysNative\drivers\usbaapl64.sys.bak
[2014.01.05 11:41:32 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBCAMD2.sys.bak
[2014.01.05 11:41:32 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys.bak
[2014.01.05 11:41:32 | 000,007,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys.bak
[2014.01.05 11:41:31 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys.bak
[2014.01.05 11:41:30 | 000,144,464 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys.bak
[2014.01.05 11:41:30 | 000,105,552 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys.bak
[2014.01.05 11:41:30 | 000,090,704 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys.bak
[2014.01.05 11:41:30 | 000,067,664 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys.bak
[2014.01.05 11:41:30 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys.bak
[2014.01.05 11:41:29 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tdi.sys.bak
[2014.01.05 11:41:28 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tape.sys.bak
[2014.01.05 11:41:27 | 000,189,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys.bak
[2014.01.05 11:41:27 | 000,068,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\stream.sys.bak
[2014.01.05 11:41:27 | 000,024,656 | ---- | M] (Promise Technology) -- C:\Windows\SysNative\drivers\stexstor.sys.bak
[2014.01.05 11:41:27 | 000,011,576 | ---- | M] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS.bak
[2014.01.05 11:41:26 | 000,426,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\spsys.sys.bak
[2014.01.05 11:41:25 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\SysNative\drivers\SiSG664.sys.bak
[2014.01.05 11:41:25 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\smclib.sys.bak
[2014.01.05 11:41:24 | 000,171,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\scsiport.sys.bak
[2014.01.05 11:41:22 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rmcast.sys.bak
[2014.01.05 11:41:22 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys.bak
[2014.01.05 11:41:22 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rootmdm.sys.bak
[2014.01.05 11:41:21 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys.bak
[2014.01.05 11:41:17 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\portcls.sys.bak
[2014.01.05 11:41:14 | 000,048,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pciidex.sys.bak
[2014.01.05 11:41:04 | 000,376,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys.bak
[2014.01.05 11:40:55 | 000,065,600 | ---- | M] (LSI Corporation) -- C:\Windows\SysNative\drivers\lsi_sas2.sys.bak
[2014.01.05 11:40:55 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\mcd.sys.bak
[2014.01.05 11:40:54 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\L1C62x64.sys.bak
[2014.01.05 11:40:53 | 000,015,416 | ---- | M] ( ) -- C:\Windows\SysNative\drivers\kbfiltr.sys.bak
[2014.01.05 11:40:52 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\irda.sys.bak
[2014.01.05 11:40:51 | 000,317,440 | ---- | M] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys.bak
[2014.01.05 11:40:50 | 005,363,200 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys.bak
[2014.01.05 11:40:49 | 000,438,808 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\iaStor.sys.bak
[2014.01.05 11:40:48 | 000,078,720 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\SysNative\drivers\HpSAMD.sys.bak
[2014.01.05 11:40:48 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys.bak
[2014.01.05 11:40:48 | 000,032,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidparse.sys.bak
[2014.01.05 11:40:47 | 000,056,344 | ---- | M] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys.bak
[2014.01.05 11:40:46 | 000,288,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS.bak
[2014.01.05 11:40:46 | 000,048,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys.bak
[2014.01.05 11:40:46 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Windows\SysNative\drivers\hcw85cir.sys.bak
[2014.01.05 11:40:46 | 000,023,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys.bak
[2014.01.05 11:40:43 | 003,286,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\evbda.sys.bak
[2014.01.05 11:40:43 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys.bak
[2014.01.05 11:40:43 | 000,038,328 | ---- | M] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2014.01.05 11:40:42 | 000,265,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys.bak
[2014.01.05 11:40:41 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxg.sys.bak
[2014.01.05 11:40:41 | 000,055,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpfve.sys.bak
[2014.01.05 11:40:41 | 000,028,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Dumpata.sys.bak
[2014.01.05 11:40:41 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxapi.sys.bak
[2014.01.05 11:40:40 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\drmk.sys.bak
[2014.01.05 11:40:40 | 000,027,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Diskdump.sys.bak
[2014.01.05 11:40:39 | 000,039,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys.bak
[2014.01.05 11:40:38 | 000,179,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys.bak
[2014.01.05 11:40:37 | 000,468,480 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\bxvbda.sys.bak
[2014.01.05 11:40:36 | 000,511,136 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btfilter.sys.bak
[2014.01.05 11:40:35 | 000,280,992 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_rcp.sys.bak
[2014.01.05 11:40:35 | 000,167,584 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_hcrp.sys.bak
[2014.01.05 11:40:35 | 000,068,256 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_lwflt.sys.bak
[2014.01.05 11:40:35 | 000,036,000 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_flt.sys.bak
[2014.01.05 11:40:35 | 000,030,368 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_bus.sys.bak
[2014.01.05 11:40:34 | 000,330,912 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_a2dp.sys.bak
[2014.01.05 11:40:34 | 000,110,240 | ---- | M] (Atheros) -- C:\Windows\SysNative\drivers\btath_avdt.sys.bak
[2014.01.05 11:40:31 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014.01.05 11:40:31 | 000,270,848 | ---- | M] (Broadcom Corporation) -- C:\Windows\SysNative\drivers\b57nd60a.sys.bak
[2014.01.05 11:40:31 | 000,031,080 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014.01.05 11:40:31 | 000,028,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\battc.sys.bak
[2014.01.05 11:40:30 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014.01.05 11:40:30 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys.bak
[2014.01.05 11:40:30 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014.01.05 11:40:30 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014.01.05 11:40:30 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys.bak
[2014.01.05 11:40:30 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys.bak
[2014.01.05 11:40:29 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
[2014.01.05 11:40:28 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys.bak
[2014.01.05 11:40:28 | 000,155,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys.bak
[2014.01.05 11:40:27 | 000,401,896 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys.bak
[2014.01.05 11:40:27 | 000,128,488 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmthub3.sys.bak
[2014.01.05 11:40:26 | 000,027,008 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys.bak
[2014.01.05 11:40:25 | 000,194,128 | ---- | M] (AMD Technologies Inc.) -- C:\Windows\SysNative\drivers\amdsbs.sys.bak
[2014.01.05 11:40:25 | 000,107,904 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys.bak
[2014.01.05 11:40:22 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\1394bus.sys.bak
[2014.01.05 11:38:10 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 11:38:10 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.01.05 11:30:53 | 000,000,434 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014.01.05 11:30:06 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2014.01.05 11:29:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.01.05 11:29:36 | 1536,135,168 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.04 22:04:00 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2014.01.04 12:06:19 | 001,624,242 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.01.04 12:06:19 | 000,683,798 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.01.04 12:06:19 | 000,668,796 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.01.04 12:06:19 | 000,146,702 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.01.04 12:06:19 | 000,126,948 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.01.04 10:57:58 | 000,000,241 | ---- | M] () -- C:\WirelessDiagLog.csv
[2014.01.04 00:08:59 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2014.01.04 00:08:58 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2014.01.03 23:54:04 | 000,002,376 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2014.01.03 23:53:58 | 000,001,782 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2014.01.03 20:03:24 | 130,603,904 | ---- | M] () -- C:\Users\Lou\Desktop\setup_11.0.1.1245.x01_2013_12_31_13_35.exe
[2014.01.03 20:02:59 | 132,386,032 | ---- | M] ( ) -- C:\Users\Lou\Desktop\setup_9.0.1.722_31.12.2013_14-35.exe
[2014.01.03 19:47:22 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.12.27 14:51:19 | 000,060,836 | ---- | M] () -- C:\Users\Lou\Desktop\doc.rar
[2013.12.25 08:56:24 | 000,001,968 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.12.25 08:56:23 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2013.12.25 08:56:01 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2013.12.25 08:56:01 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2013.12.25 08:56:01 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2013.12.25 08:56:01 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2013.12.25 08:56:01 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2013.12.25 08:56:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013.12.23 20:32:50 | 004,558,848 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr
[2013.12.15 13:12:17 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\Windows Media Player.lnk
[2013.12.15 13:10:10 | 005,029,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.12.15 11:48:45 | 001,592,258 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.12.14 22:53:19 | 000,000,162 | -H-- | M] () -- C:\Users\Lou\Desktop\~$Marysa.rtf
[2013.12.14 15:00:55 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.14 15:00:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.07 22:02:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[1 C:\Users\Lou\Desktop\*.tmp files -> C:\Users\Lou\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.01.05 18:22:28 | 000,120,187 | ---- | C] () -- C:\Users\Lou\Desktop\....jpg
[2014.01.05 15:18:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.01.05 14:27:58 | 000,832,273 | ---- | C] () -- C:\Users\Lou\Desktop\RSITx64.exe
[2014.01.05 11:40:53 | 000,015,416 | ---- | C] ( ) -- C:\Windows\SysNative\drivers\kbfiltr.sys.bak
[2014.01.03 20:08:04 | 132,386,032 | ---- | C] ( ) -- C:\Users\Lou\Desktop\setup_9.0.1.722_31.12.2013_14-35.exe
[2014.01.03 20:07:46 | 130,603,904 | ---- | C] () -- C:\Users\Lou\Desktop\setup_11.0.1.1245.x01_2013_12_31_13_35.exe
[2014.01.03 19:47:22 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.12.27 14:56:29 | 000,060,836 | ---- | C] () -- C:\Users\Lou\Desktop\doc.rar
[2013.12.25 09:14:16 | 001,554,336 | ---- | C] () -- C:\Windows\TotalUninstaller.exe
[2013.12.25 09:14:11 | 000,219,136 | ---- | C] () -- C:\Windows\SysNative\SBuySupplies.exe
[2013.12.25 09:14:11 | 000,034,304 | ---- | C] () -- C:\Windows\SysNative\ssj1mlm.dll
[2013.12.25 09:14:11 | 000,000,359 | ---- | C] () -- C:\Windows\SysNative\ssj1mlm.smt
[2013.12.25 09:13:58 | 000,158,425 | ---- | C] () -- C:\Windows\ssj1mLTR.prn
[2013.12.25 09:13:58 | 000,147,249 | ---- | C] () -- C:\Windows\ssj1mA4.prn
[2013.12.25 08:56:24 | 000,001,968 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013.12.15 13:12:16 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\Windows Media Player.lnk
[2013.12.14 22:53:19 | 000,000,162 | -H-- | C] () -- C:\Users\Lou\Desktop\~$Marysa.rtf
[2013.12.07 22:18:41 | 000,000,241 | ---- | C] () -- C:\WirelessDiagLog.csv
[2013.12.07 22:02:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2013.12.07 22:02:01 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2013.11.07 01:52:54 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2013.11.07 01:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013.11.07 01:52:40 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.05.13 14:00:51 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012.04.15 16:21:20 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2012.04.06 13:41:21 | 001,592,258 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.03.19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.02.11 17:51:42 | 000,144,040 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.02.11 17:12:32 | 000,315,682 | ---- | C] () -- C:\Windows\SysWow64\slwc.exe
[2012.02.11 17:08:20 | 000,111,104 | ---- | C] () -- C:\Windows\SysWow64\Uharc.exe
[2012.02.11 17:08:20 | 000,008,636 | ---- | C] () -- C:\Windows\SysWow64\modifype.exe
[2011.12.26 00:15:53 | 000,007,628 | ---- | C] () -- C:\Users\Lou\AppData\Local\Resmon.ResmonCfg
[2011.04.01 10:21:01 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========

[2013.10.26 10:03:44 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Ashampoo
[2011.12.25 20:11:55 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ASUS WebStorage
[2012.01.08 14:05:21 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Audacity
[2013.11.30 14:08:45 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVAST Software
[2012.03.20 00:42:12 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVG
[2011.12.26 12:36:23 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVG2012
[2012.06.29 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.04.02 20:07:44 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\C__Program Files (x86)_WebcamMax_webcammax.exe
[2012.09.30 17:03:47 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\DAEMON Tools Lite
[2012.01.29 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\DVDVideoSoft
[2012.09.29 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ESET
[2011.12.25 18:19:11 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ICQ
[2012.08.11 09:32:14 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\InfraRecorder
[2012.01.28 19:52:35 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\MP3 Cut
[2011.12.25 20:16:05 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Nuance
[2012.04.16 13:55:10 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\OpenOffice.org
[2012.07.01 22:18:41 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Opera
[2012.10.21 10:45:59 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Rainmeter
[2013.12.25 09:15:47 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Samsung
[2012.06.28 11:30:41 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.03.04 13:05:15 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\TeamViewer
[2011.12.31 23:11:39 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\TuneUp Software
[2012.04.05 13:15:35 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\URSoft
[2012.07.01 11:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\VirtuaWin
[2012.01.20 22:58:16 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\VitySoft
[2011.12.28 22:16:08 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\WebcamMax
[2012.01.13 17:56:40 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Yandex
[2011.12.25 20:15:51 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Zeon

========== Purity Check ==========
========== Custom Scans ==========

< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,580 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.06.27 20:30:58 | 000,000,272 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
[2012.06.27 20:30:58 | 000,000,288 | ---- | C] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
[2013.01.30 09:06:48 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 14:24:28 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 13:16:56 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 10:19:22 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.25 07:19:32 | 002,388,992 | ---- | M] (Microsoft Corporation) MD5=0BB35AB5F6EFF7A8BC40AC4DB6C90D3E -- C:\Windows\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 14:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 14:33:36 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 13:21:06 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 14:27:26 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2012.10.03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013.09.08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010.11.20 14:33:58 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.08.22 19:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2013.07.06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012.10.03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2012.08.22 19:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< >

< %systemroot%*.* /U /s >
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[15 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1ddb35edae9ffc3937df9b7c7c580a42\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1ddb35edae9ffc3937df9b7c7c580a42\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2012.06.28 09:01:28 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Adobe
[2012.06.28 11:30:42 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Adobe Mini Bridge CS5
[2012.02.12 16:38:48 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Apple Computer
[2013.10.26 10:03:44 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Ashampoo
[2011.12.25 20:11:55 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ASUS WebStorage
[2011.12.28 01:26:00 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Atheros
[2012.01.08 14:05:21 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Audacity
[2013.11.30 14:08:45 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVAST Software
[2012.03.20 00:42:12 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVG
[2011.12.26 12:36:23 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVG2012
[2012.06.29 21:44:20 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.04.02 20:07:44 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\C__Program Files (x86)_WebcamMax_webcammax.exe
[2012.09.30 17:03:47 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\DAEMON Tools Lite
[2013.12.07 23:18:35 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\dvdcss
[2012.01.29 21:14:14 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\DVDVideoSoft
[2012.09.29 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ESET
[2011.12.25 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\FLEXnet
[2012.01.13 23:09:34 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Google
[2011.12.25 18:19:11 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ICQ
[2012.01.13 16:01:51 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Identities
[2012.08.11 09:32:14 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\InfraRecorder
[2013.12.07 22:14:40 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Intel
[2011.12.25 23:53:15 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Macromedia
[2012.02.11 22:28:37 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Malwarebytes
[2009.07.14 08:44:38 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Media Center Programs
[2013.01.09 09:32:28 | 000,000,000 | --SD | M] -- C:\Users\Lou\AppData\Roaming\Microsoft
[2013.01.27 12:26:06 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Mozilla
[2012.01.28 19:52:35 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\MP3 Cut
[2011.12.25 20:16:05 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Nuance
[2012.04.16 13:55:10 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\OpenOffice.org
[2012.07.01 22:18:41 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Opera
[2012.01.17 17:21:18 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\PSpad
[2012.10.21 10:45:59 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Rainmeter
[2013.12.25 09:15:47 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Samsung
[2012.04.02 20:18:57 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Skype
[2012.06.28 11:30:41 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2014.01.03 19:55:55 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\SUPERAntiSpyware.com
[2012.03.04 13:05:15 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\TeamViewer
[2011.12.31 23:11:39 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\TuneUp Software
[2012.04.05 13:15:35 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\URSoft
[2012.07.01 11:06:19 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\VirtuaWin
[2012.01.20 22:58:16 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\VitySoft
[2013.12.07 23:18:35 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\vlc
[2011.12.28 22:16:08 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\WebcamMax
[2012.01.13 17:56:40 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Yandex
[2011.12.25 20:15:51 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\Zeon

< %APPDATA%\*.exe /s >
[2013.10.18 14:59:59 | 000,054,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Lou\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2014.01.03 23:33:36 | 000,071,894 | R--- | M] () -- C:\Users\Lou\AppData\Roaming\Microsoft\Installer\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}\GPUploader.exe
[2012.08.16 21:13:37 | 000,010,134 | R--- | M] () -- C:\Users\Lou\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2011.01.25 19:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HControl.exe
[2012.07.22 18:37:27 | 000,786,492 | ---- | M] () -- C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2012.07.22 18:37:30 | 015,823,872 | ---- | M] () -- C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2012.07.22 18:37:27 | 000,107,008 | ---- | M] () -- C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2012.10.21 10:45:59 | 000,009,216 | -H-- | M] () -- C:\Users\Lou\AppData\Roaming\Rainmeter\Rainmeter.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2014.01.05 19:56:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013.11.09 13:06:51 | 000,000,272 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_MONTHLY.job
[2014.01.04 22:04:00 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.01.04 00:08:58 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gdiplus.dll
[2014.01.05 11:32:53 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2014.01.04 00:08:59 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc71.dll
[2014.01.04 00:08:58 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr71.dll

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >

< *keygen* /s >

< *AntiWPA* /s >
< *loader* /s >
[2014.01.04 12:27:12 | 000,000,537 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Lou\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\scripts\loader_1036.js.vir
[2010.09.17 09:58:44 | 000,012,976 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Common\UI\MiniBrowser.cmpt\resources\loader.js
[2010.09.17 09:58:44 | 000,000,608 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Common\UI\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2010.09.17 09:32:50 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\utilGenericLoader.dll
[2010.09.17 09:52:24 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup32\AMSP\utilGenericLoader.dll
[2010.09.17 09:33:08 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\utilGenericLoader.dll
[2010.09.17 09:52:28 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Setup64\AMSP\utilGenericLoader.dll
[2010.09.17 09:33:10 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\32bit\utilGenericLoader.dll
[2010.09.17 09:33:10 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\64bit\utilGenericLoader.dll
[2010.09.30 17:56:42 | 000,003,671 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\DA-DK\loader.html
[2010.09.30 17:56:44 | 000,003,709 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\DE-DE\loader.html
[2010.09.30 17:56:42 | 000,003,664 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\EN-US\loader.html
[2010.09.30 17:56:44 | 000,003,657 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ES-ES\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\FR-CA\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\FR-FR\loader.html
[2010.09.30 17:56:46 | 000,003,692 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\IT-IT\loader.html
[2010.09.30 17:56:48 | 000,003,730 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\JA-JP\loader.html
[2010.09.30 17:56:48 | 000,003,711 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\KO-KR\loader.html
[2010.09.30 17:56:50 | 000,003,677 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\NB-NO\loader.html
[2010.09.30 17:56:50 | 000,003,670 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\NL-NL\loader.html
[2010.09.30 17:56:50 | 000,003,679 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\PT-BR\loader.html
[2010.09.30 17:56:52 | 000,003,762 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\RU-RU\loader.html
[2010.09.30 17:56:52 | 000,003,670 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\SV-SE\loader.html
[2010.09.30 17:56:52 | 000,003,682 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\TR-TR\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ZH-CN\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ZH-TW\loader.html
[2010.09.17 09:32:56 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1725v0.0.0l1p1r1o1\utilGenericLoader.dll
[2010.09.17 09:33:10 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\utilGenericLoader.dll
[2011.12.07 19:18:52 | 002,952,856 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\Dll\DVSVideoDownloader.dll
[2011.12.07 19:34:02 | 001,901,208 | ---- | M] () -- \Program Files (x86)\Common Files\DVDVideoSoft\Dll\HttpVideoDownloader.dll
[2010.10.07 03:36:40 | 000,265,552 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2011.12.07 19:18:48 | 000,041,112 | ---- | M] () -- \Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\DVDVideoSoft.DVSVideoDownloader.dll
[2013.12.23 19:55:48 | 000,000,702 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_advoptions.fen
[2013.12.23 19:55:48 | 000,000,790 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_debug.fen
[2013.12.23 19:55:48 | 000,000,723 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_download.fen
[2013.12.23 19:55:48 | 000,000,694 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_file_errors.fen
[2013.02.09 02:39:28 | 000,000,934 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_main.fen
[2013.12.23 19:55:48 | 000,000,634 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_manage_devices.fen
[2013.12.23 19:55:48 | 000,002,283 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_onboard.fen
[2013.12.23 19:55:48 | 000,001,417 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_options.fen
[2013.12.23 19:55:48 | 000,001,330 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72.png
[2013.12.23 19:55:48 | 000,002,541 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_pinwheel_72x2.png
[2013.12.23 19:55:48 | 000,002,109 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_prefs.fen
[2013.12.23 19:55:48 | 000,000,956 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error1.fen
[2013.12.23 19:55:48 | 000,001,080 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error2.fen
[2013.12.23 19:55:48 | 000,001,139 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_quota_error_estimate.fen
[2013.12.23 19:55:48 | 000,002,181 | ---- | M] () -- \Program Files (x86)\Google\Picasa3\runtime\gpuploader_welcome.fen
[2005.06.07 12:25:46 | 000,044,032 | ---- | M] () -- \Program Files (x86)\WinRAR\RarExtLoader.exe
[2010.10.07 03:36:40 | 000,387,408 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.10.07 03:36:40 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010.09.17 09:52:28 | 000,030,864 | ---- | M] () -- \Program Files\Trend Micro\AMSP\utilGenericLoader.dll
[2010.09.30 17:56:42 | 000,003,671 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\DA-DK\loader.html
[2010.09.30 17:56:44 | 000,003,709 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\DE-DE\loader.html
[2010.09.30 17:56:42 | 000,003,664 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\EN-US\loader.html
[2010.09.30 17:56:44 | 000,003,657 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ES-ES\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\FR-CA\loader.html
[2010.09.30 17:56:46 | 000,003,673 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\FR-FR\loader.html
[2010.09.30 17:56:46 | 000,003,692 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\IT-IT\loader.html
[2010.09.30 17:56:48 | 000,003,730 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\JA-JP\loader.html
[2010.09.30 17:56:48 | 000,003,711 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\KO-KR\loader.html
[2010.09.30 17:56:50 | 000,003,677 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\NB-NO\loader.html
[2010.09.30 17:56:50 | 000,003,670 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\NL-NL\loader.html
[2010.09.30 17:56:50 | 000,003,679 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\PT-BR\loader.html
[2010.09.30 17:56:52 | 000,003,762 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\RU-RU\loader.html
[2010.09.30 17:56:52 | 000,003,670 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\SV-SE\loader.html
[2010.09.30 17:56:52 | 000,003,682 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\TR-TR\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ZH-CN\loader.html
[2010.09.30 17:56:54 | 000,003,650 | ---- | M] () -- \Program Files\Trend Micro\Titanium\LocalHelp\ZH-TW\loader.html
[2010.09.17 09:58:44 | 000,012,976 | ---- | M] () -- \Program Files\Trend Micro\Titanium\UI\MiniBrowser.cmpt\resources\loader.js
[2010.09.17 09:58:44 | 000,000,608 | ---- | M] () -- \Program Files\Trend Micro\Titanium\UI\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2010.09.17 09:32:56 | 000,024,160 | ---- | M] () -- \Program Files\Trend Micro\Titanium\UIFramework\utilGenericLoader.dll
[2010.09.17 09:58:44 | 000,012,976 | ---- | M] () -- \Program Files\Trend Micro\Titanium\www\MiniBrowser.cmpt\resources\loader.js
[2010.09.17 09:58:44 | 000,000,608 | ---- | M] () -- \Program Files\Trend Micro\Titanium\www\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2013.12.23 11:01:46 | 003,244,032 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll
[2013.12.23 10:55:50 | 000,000,702 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_advoptions.fen
[2013.12.23 10:55:50 | 000,000,790 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_debug.fen
[2013.12.23 10:55:50 | 000,000,723 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_download.fen
[2013.12.23 10:55:50 | 000,000,694 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_file_errors.fen
[2013.12.23 10:55:50 | 000,171,541 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_icons.psd
[2013.12.23 10:55:50 | 000,000,634 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_manage_devices.fen
[2013.12.23 10:55:50 | 000,002,283 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_onboard.fen
[2013.12.23 10:55:50 | 000,001,417 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_options.fen
[2013.12.23 10:55:50 | 000,002,109 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_prefs.fen
[2013.12.23 10:55:50 | 000,000,956 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error1.fen
[2013.12.23 10:55:50 | 000,001,080 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error2.fen
[2013.12.23 10:55:50 | 000,001,139 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_quota_error_estimate.fen
[2013.12.23 10:55:50 | 000,002,181 | ---- | M] () -- \Users\Lou\AppData\Local\Programs\Google\Google+ Auto Backup\runtime\gpuploader_welcome.fen
[2014.01.03 23:33:36 | 000,071,894 | R--- | M] () -- \Users\Lou\AppData\Roaming\Microsoft\Installer\{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}\GPUploader.exe
[2011.12.13 17:40:56 | 000,010,144 | ---- | M] () -- \Users\Lou\AppData\Roaming\Mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules\ExternalLibraryLoader.jsm
[2010.03.24 19:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.03.24 19:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.03.24 19:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 03:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2010.10.07 03:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004119110000000000000000F01FEC\14.0.6029\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2014.01.05 19:54:15 | 000,035,540 | ---- | M] () -- \Windows\Prefetch\RAREXTLOADER.EXE-4B76CB3C.pf
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2012.10.04 09:12:02 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 11\shockwave_Projector_Loader.dcr
[2009.07.14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.02.19 06:35:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.02.19 06:35:43 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.02.19 06:35:43 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.02.19 06:35:43 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.02.19 06:35:43 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2011.05.04 19:25:41 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.04 19:25:41 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011.05.04 19:25:41 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011.05.04 19:25:41 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011.05.04 19:25:41 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.02.19 06:33:15 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.20 15:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.05.04 19:25:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.05.04 19:25:38 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \ProgramData\AutoKMS\AutoKMS.cmd
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \Users\All Users\AutoKMS\AutoKMS.cmd
[2012.07.22 18:48:22 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini

< *activator* /s >
< *serial* /s >
[2013.09.13 01:53:56 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.12.15 10:58:06 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.02.19 06:35:31 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2012.02.15 14:15:14 | 000,236,032 | ---- | M] () -- \Program Files (x86)\Samsung\Easy Printer Manager\SmartScreenPrint\W2PSerializer.dll
[2013.09.13 02:23:44 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.dll
[2013.12.15 10:58:58 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.20913.0\System.Runtime.Serialization.ni.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.02.19 06:35:31 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.10.17 20:23:23 | 000,000,024 | ---- | M] () -- \Users\Lou\AppData\Local\Google\Picasa2\cache\cacheindex_serial.pmp
[2011.02.19 06:35:21 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.01.15 16:01:48 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll
[2013.12.15 13:21:24 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.15 13:22:47 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013.01.15 15:58:47 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.15 13:16:18 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.15 13:19:29 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013.12.15 11:53:53 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.15 11:53:53 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\a281f3909e9182522777315b3a25ec5a\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.12.15 11:53:37 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll
[2013.12.15 11:53:37 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\66ce786a0b16af8c3f5c480cd6e84376\System.Runtime.Serialization.ni.dll.aux
[2013.12.15 12:19:10 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll
[2013.12.15 12:19:10 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\6b054c1a64987a9caa2a1c98b070f47f\System.Xml.Serialization.ni.dll.aux
[2013.12.15 12:06:42 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013.12.15 12:06:42 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\be004a953afb5efce4024c709ba7530b\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2013.12.15 12:09:18 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll
[2013.12.15 12:09:18 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\8d4b7607099258e7d99570bdccb896ee\System.Runtime.Serialization.ni.dll.aux
[2013.12.15 12:13:34 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll
[2013.12.15 12:13:34 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\e296a5b243715614b9ab338b4a60f8b0\System.Xml.Serialization.ni.dll.aux
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.19 06:35:31 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.19 06:35:30 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 22:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 21:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 21:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 21:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 21:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.02.19 06:35:12 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.02.19 06:35:12 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.02.19 06:35:30 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.02.19 06:35:22 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.02.19 06:35:31 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.02.19 06:35:23 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.05 02:52:18 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.05 02:52:10 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2011.05.04 19:25:41 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.05.04 19:25:41 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.02.19 06:35:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.02.19 06:35:43 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.05.04 19:25:38 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.05.04 19:25:38 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.20 15:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.20 15:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.20 14:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.02.19 06:34:18 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 21:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 20:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.20 14:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.20 14:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.02.19 06:35:21 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.05 02:52:40 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.02.19 06:35:26 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 03:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.02.19 06:35:31 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.02.19 06:35:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.02.19 06:35:31 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.05 02:52:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

#20 Příspěvek od **Márty84** » 05 led 2014 21:03

Co ten crack na office?

Mate tam pekny brajgl v tech antivirech

Zkuste pouzit http://translate.google.cz/translate?hl ... s:official

Pak toto http://forums.avg.com/cz-cs/avg-forums? ... ow&id=2850

Pak novy log z RSIT

meijo · #21 Příspěvek od **meijo** » 05 led 2014 22:13

Jo přiznávám, měl jsem to chvíli cracklý ale před celkem už dlouho dobou jsem to odinstaloval a zbylé soubory v Program files vymazal.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Lou at 2014-01-05 22:11:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 87 GB (71%) free of 122 GB
Total RAM: 1953 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:06, on 5.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Lou.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (file missing)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: HControl.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (file missing)
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10639 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {B4E21752-EC35-458A-B6CF-C254C31142D3}
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {CD981BE0-1844-471C-AC16-05A83EFB3225}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
taskeng.exe {7972F52A-57A6-4F55-9E0D-15F1B3B4BFE7}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
WLIDSvcM.exe 2356
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\PrintIsolationHost.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1080.0.600999288\2099756197" --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,12,22 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.3347 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --instant-process --disable-html-notifications --channel="1080.1.1864867340\1006174304" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="1080.3.958176954\1574625189" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --extension-process --renderer-print-preview --disable-html-notifications --channel="1080.4.690539389\1710106029" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="1080.5.1460526087\327615882" /prefetch:673131151
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group6 pct:10e stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-1-Percent/group_10/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --renderer-print-preview --disable-html-notifications --channel="1080.6.215874896\647537808" /prefetch:673131151
"C:\Users\Lou\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-25 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-25 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-08-02 51872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-25 1138536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-25 1372864]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2013-12-25 1372864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-12-25 1138536]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-08-16 2277480]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-11-07 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-11-07 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-11-07 442328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2011-03-21 361984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS]
C:\Windows\AutoKMS.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDCtrl]
C:\Program Files\Elantech\ETDCtrl.exe [2010-12-31 2587944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Lou\AppData\Local\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_JULY_P1]
C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium]
C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush none none []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
C:\Program Files (x86)\AVG Secure Search\vprot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lou^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk]
C:\PROGRA~1\RAINME~1\RAINME~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-25 3764024]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

C:\Users\Lou\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
HControl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-11-07 442880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableStartupSound"=1
"DisplayLastLogonInfo"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 months======

2014-01-05 22:11:02 ----D---- C:\Program Files\trend micro
2014-01-05 11:41:40 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2014-01-05 11:41:40 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2014-01-05 11:41:40 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2014-01-05 11:41:40 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2014-01-05 11:41:39 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2014-01-05 11:41:39 ----A---- C:\Windows\system32\drivers\winusb.sys.bak
2014-01-05 11:41:39 ----A---- C:\Windows\system32\drivers\wimmount.sys.bak
2014-01-05 11:41:39 ----A---- C:\Windows\system32\drivers\WimFltr.sys.bak
2014-01-05 11:41:39 ----A---- C:\Windows\system32\drivers\wfplwf.sys.bak
2014-01-05 11:41:38 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2014-01-05 11:41:38 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2014-01-05 11:41:38 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2014-01-05 11:41:38 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2014-01-05 11:41:38 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2014-01-05 11:41:37 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2014-01-05 11:41:37 ----A---- C:\Windows\system32\drivers\vwifimp.sys.bak
2014-01-05 11:41:37 ----A---- C:\Windows\system32\drivers\vwififlt.sys.bak
2014-01-05 11:41:37 ----A---- C:\Windows\system32\drivers\vwifibus.sys.bak
2014-01-05 11:41:36 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2014-01-05 11:41:36 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2014-01-05 11:41:36 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2014-01-05 11:41:36 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2014-01-05 11:41:35 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2014-01-05 11:41:35 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2014-01-05 11:41:35 ----A---- C:\Windows\system32\drivers\vhdmp.sys.bak
2014-01-05 11:41:35 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2014-01-05 11:41:35 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2014-01-05 11:41:34 ----A---- C:\Windows\system32\drivers\vdrvroot.sys.bak
2014-01-05 11:41:34 ----A---- C:\Windows\system32\drivers\usbvideo.sys.bak
2014-01-05 11:41:34 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2014-01-05 11:41:34 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2014-01-05 11:41:34 ----A---- C:\Windows\system32\drivers\usbrpm.sys.bak
2014-01-05 11:41:34 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2014-01-05 11:41:33 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2014-01-05 11:41:33 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2014-01-05 11:41:33 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2014-01-05 11:41:33 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2014-01-05 11:41:32 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2014-01-05 11:41:32 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2014-01-05 11:41:32 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2014-01-05 11:41:32 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2014-01-05 11:41:32 ----A---- C:\Windows\system32\drivers\usbaapl64.sys.bak
2014-01-05 11:41:32 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2014-01-05 11:41:31 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2014-01-05 11:41:31 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2014-01-05 11:41:31 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-05 11:41:31 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2014-01-05 11:41:31 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2014-01-05 11:41:31 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2014-01-05 11:41:30 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys.bak
2014-01-05 11:41:30 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-05 11:41:30 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2014-01-05 11:41:30 ----A---- C:\Windows\system32\drivers\tmtdi.sys.bak
2014-01-05 11:41:30 ----A---- C:\Windows\system32\drivers\tmevtmgr.sys.bak
2014-01-05 11:41:30 ----A---- C:\Windows\system32\drivers\tmcomm.sys.bak
2014-01-05 11:41:29 ----A---- C:\Windows\system32\drivers\tmactmon.sys.bak
2014-01-05 11:41:29 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2014-01-05 11:41:29 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2014-01-05 11:41:29 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2014-01-05 11:41:29 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2014-01-05 11:41:29 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2014-01-05 11:41:28 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2014-01-05 11:41:28 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-05 11:41:27 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2014-01-05 11:41:27 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2014-01-05 11:41:27 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2014-01-05 11:41:27 ----A---- C:\Windows\system32\drivers\storport.sys.bak
2014-01-05 11:41:27 ----A---- C:\Windows\system32\drivers\stexstor.sys.bak
2014-01-05 11:41:27 ----A---- C:\Windows\system32\drivers\SSPORT.SYS.bak
2014-01-05 11:41:26 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2014-01-05 11:41:26 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2014-01-05 11:41:26 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2014-01-05 11:41:26 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\SiSG664.sys.bak
2014-01-05 11:41:25 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2014-01-05 11:41:24 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2014-01-05 11:41:23 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2014-01-05 11:41:23 ----A---- C:\Windows\system32\drivers\scfilter.sys.bak
2014-01-05 11:41:23 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2014-01-05 11:41:22 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys.bak
2014-01-05 11:41:22 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2014-01-05 11:41:22 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2014-01-05 11:41:22 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\rfcomm.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\rdyboost.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\RDPREFMP.sys.bak
2014-01-05 11:41:21 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2014-01-05 11:41:20 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2014-01-05 11:41:20 ----A---- C:\Windows\system32\drivers\rdpbus.sys.bak
2014-01-05 11:41:20 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2014-01-05 11:41:20 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2014-01-05 11:41:20 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2014-01-05 11:41:20 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2014-01-05 11:41:19 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2014-01-05 11:41:19 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2014-01-05 11:41:19 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2014-01-05 11:41:19 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2014-01-05 11:41:18 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2014-01-05 11:41:17 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2014-01-05 11:41:17 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2014-01-05 11:41:15 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2014-01-05 11:41:14 ----A---- C:\Windows\system32\drivers\pcw.sys.bak
2014-01-05 11:41:14 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2014-01-05 11:41:13 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2014-01-05 11:41:13 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2014-01-05 11:41:13 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2014-01-05 11:41:12 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2014-01-05 11:41:12 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2014-01-05 11:41:11 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2014-01-05 11:41:11 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2014-01-05 11:41:10 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2014-01-05 11:41:10 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2014-01-05 11:41:09 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2014-01-05 11:41:09 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2014-01-05 11:41:08 ----A---- C:\Windows\system32\drivers\null.sys.bak
2014-01-05 11:41:05 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2014-01-05 11:41:05 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2014-01-05 11:41:04 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2014-01-05 11:41:04 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2014-01-05 11:41:04 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2014-01-05 11:41:03 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2014-01-05 11:41:03 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2014-01-05 11:41:03 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2014-01-05 11:41:03 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2014-01-05 11:41:03 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2014-01-05 11:41:02 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2014-01-05 11:41:02 ----A---- C:\Windows\system32\drivers\ndiscap.sys.bak
2014-01-05 11:41:01 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2014-01-05 11:41:01 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2014-01-05 11:41:01 ----A---- C:\Windows\system32\drivers\MTConfig.sys.bak
2014-01-05 11:41:01 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2014-01-05 11:41:00 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2014-01-05 11:41:00 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2014-01-05 11:41:00 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2014-01-05 11:40:59 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2014-01-05 11:40:59 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2014-01-05 11:40:59 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2014-01-05 11:40:59 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2014-01-05 11:40:59 ----A---- C:\Windows\system32\drivers\mshidkmdf.sys.bak
2014-01-05 11:40:59 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2014-01-05 11:40:58 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2014-01-05 11:40:58 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2014-01-05 11:40:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2014-01-05 11:40:58 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2014-01-05 11:40:57 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2014-01-05 11:40:57 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2014-01-05 11:40:57 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2014-01-05 11:40:57 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2014-01-05 11:40:57 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2014-01-05 11:40:57 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2014-01-05 11:40:56 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2014-01-05 11:40:56 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2014-01-05 11:40:56 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2014-01-05 11:40:56 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2014-01-05 11:40:55 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2014-01-05 11:40:55 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2014-01-05 11:40:55 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2014-01-05 11:40:55 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2014-01-05 11:40:55 ----A---- C:\Windows\system32\drivers\lsi_sas2.sys.bak
2014-01-05 11:40:55 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2014-01-05 11:40:54 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2014-01-05 11:40:54 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2014-01-05 11:40:54 ----A---- C:\Windows\system32\drivers\L1C62x64.sys.bak
2014-01-05 11:40:54 ----A---- C:\Windows\system32\drivers\ksthunk.sys.bak
2014-01-05 11:40:54 ----A---- C:\Windows\system32\drivers\ksecpkg.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\kbfiltr.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2014-01-05 11:40:53 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2014-01-05 11:40:52 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2014-01-05 11:40:52 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2014-01-05 11:40:52 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2014-01-05 11:40:52 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2014-01-05 11:40:52 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2014-01-05 11:40:51 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2014-01-05 11:40:51 ----A---- C:\Windows\system32\drivers\IntcDAud.sys.bak
2014-01-05 11:40:50 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2014-01-05 11:40:50 ----A---- C:\Windows\system32\drivers\igdkmd64.sys.bak
2014-01-05 11:40:49 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2014-01-05 11:40:49 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2014-01-05 11:40:49 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2014-01-05 11:40:48 ----A---- C:\Windows\system32\drivers\hwpolicy.sys.bak
2014-01-05 11:40:48 ----A---- C:\Windows\system32\drivers\http.sys.bak
2014-01-05 11:40:48 ----A---- C:\Windows\system32\drivers\HpSAMD.sys.bak
2014-01-05 11:40:48 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2014-01-05 11:40:48 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2014-01-05 11:40:48 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2014-01-05 11:40:47 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2014-01-05 11:40:47 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2014-01-05 11:40:47 ----A---- C:\Windows\system32\drivers\hidbatt.sys.bak
2014-01-05 11:40:47 ----A---- C:\Windows\system32\drivers\HECIx64.sys.bak
2014-01-05 11:40:47 ----A---- C:\Windows\system32\drivers\HdAudio.sys.bak
2014-01-05 11:40:46 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2014-01-05 11:40:46 ----A---- C:\Windows\system32\drivers\hcw85cir.sys.bak
2014-01-05 11:40:46 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-05 11:40:46 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-05 11:40:46 ----A---- C:\Windows\system32\drivers\fvevol.sys.bak
2014-01-05 11:40:46 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2014-01-05 11:40:45 ----A---- C:\Windows\system32\drivers\fssfltr.sys.bak
2014-01-05 11:40:45 ----A---- C:\Windows\system32\drivers\fsdepends.sys.bak
2014-01-05 11:40:45 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2014-01-05 11:40:45 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2014-01-05 11:40:45 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2014-01-05 11:40:45 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2014-01-05 11:40:44 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2014-01-05 11:40:44 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2014-01-05 11:40:43 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2014-01-05 11:40:43 ----A---- C:\Windows\system32\drivers\evbda.sys.bak
2014-01-05 11:40:43 ----A---- C:\Windows\system32\drivers\ETD.sys.bak
2014-01-05 11:40:43 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2014-01-05 11:40:42 ----A---- C:\Windows\system32\drivers\EpfwLWF.sys.bak
2014-01-05 11:40:42 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2014-01-05 11:40:42 ----A---- C:\Windows\system32\drivers\dxgmms1.sys.bak
2014-01-05 11:40:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2014-01-05 11:40:41 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2014-01-05 11:40:41 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2014-01-05 11:40:41 ----A---- C:\Windows\system32\drivers\dumpfve.sys.bak
2014-01-05 11:40:41 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2014-01-05 11:40:40 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2014-01-05 11:40:40 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2014-01-05 11:40:40 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2014-01-05 11:40:40 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2014-01-05 11:40:40 ----A---- C:\Windows\system32\drivers\discache.sys.bak
2014-01-05 11:40:39 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2014-01-05 11:40:39 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2014-01-05 11:40:39 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2014-01-05 11:40:39 ----A---- C:\Windows\system32\drivers\CompositeBus.sys.bak
2014-01-05 11:40:39 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2014-01-05 11:40:38 ----A---- C:\Windows\system32\drivers\cng.sys.bak
2014-01-05 11:40:38 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2014-01-05 11:40:38 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2014-01-05 11:40:38 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2014-01-05 11:40:38 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2014-01-05 11:40:37 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2014-01-05 11:40:37 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2014-01-05 11:40:37 ----A---- C:\Windows\system32\drivers\bxvbda.sys.bak
2014-01-05 11:40:37 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS.bak
2014-01-05 11:40:36 ----A---- C:\Windows\system32\drivers\bthport.sys.bak
2014-01-05 11:40:36 ----A---- C:\Windows\system32\drivers\bthpan.sys.bak
2014-01-05 11:40:36 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2014-01-05 11:40:36 ----A---- C:\Windows\system32\drivers\bthenum.sys.bak
2014-01-05 11:40:35 ----A---- C:\Windows\system32\drivers\btfilter.sys.bak
2014-01-05 11:40:35 ----A---- C:\Windows\system32\drivers\btath_rcp.sys.bak
2014-01-05 11:40:35 ----A---- C:\Windows\system32\drivers\btath_lwflt.sys.bak
2014-01-05 11:40:35 ----A---- C:\Windows\system32\drivers\btath_hcrp.sys.bak
2014-01-05 11:40:35 ----A---- C:\Windows\system32\drivers\btath_flt.sys.bak
2014-01-05 11:40:34 ----A---- C:\Windows\system32\drivers\btath_bus.sys.bak
2014-01-05 11:40:34 ----A---- C:\Windows\system32\drivers\btath_avdt.sys.bak
2014-01-05 11:40:34 ----A---- C:\Windows\system32\drivers\btath_a2dp.sys.bak
2014-01-05 11:40:34 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2014-01-05 11:40:33 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-05 11:40:33 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2014-01-05 11:40:33 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2014-01-05 11:40:32 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2014-01-05 11:40:32 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2014-01-05 11:40:32 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2014-01-05 11:40:32 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2014-01-05 11:40:32 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2014-01-05 11:40:31 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2014-01-05 11:40:31 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2014-01-05 11:40:31 ----A---- C:\Windows\system32\drivers\b57nd60a.sys.bak
2014-01-05 11:40:31 ----A---- C:\Windows\system32\drivers\avgtpx64.sys.bak
2014-01-05 11:40:28 ----A---- C:\Windows\system32\drivers\athrx.sys.bak
2014-01-05 11:40:28 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2014-01-05 11:40:27 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2014-01-05 11:40:27 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2014-01-05 11:40:27 ----A---- C:\Windows\system32\drivers\asmtxhci.sys.bak
2014-01-05 11:40:27 ----A---- C:\Windows\system32\drivers\asmthub3.sys.bak
2014-01-05 11:40:26 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2014-01-05 11:40:26 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2014-01-05 11:40:26 ----A---- C:\Windows\system32\drivers\appid.sys.bak
2014-01-05 11:40:25 ----A---- C:\Windows\system32\drivers\amdxata.sys.bak
2014-01-05 11:40:25 ----A---- C:\Windows\system32\drivers\amdsbs.sys.bak
2014-01-05 11:40:25 ----A---- C:\Windows\system32\drivers\amdsata.sys.bak
2014-01-05 11:40:25 ----A---- C:\Windows\system32\drivers\amdppm.sys.bak
2014-01-05 11:40:24 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2014-01-05 11:40:24 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2014-01-05 11:40:24 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2014-01-05 11:40:24 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2014-01-05 11:40:24 ----A---- C:\Windows\system32\drivers\agilevpn.sys.bak
2014-01-05 11:40:23 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2014-01-05 11:40:23 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2014-01-05 11:40:23 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2014-01-05 11:40:23 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2014-01-05 11:40:22 ----A---- C:\Windows\system32\drivers\acpipmi.sys.bak
2014-01-05 11:40:22 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2014-01-05 11:40:22 ----A---- C:\Windows\system32\drivers\1394ohci.sys.bak
2014-01-05 11:40:21 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2014-01-04 22:39:48 ----D---- C:\ProgramData\Malwarebytes
2014-01-04 22:06:31 ----D---- C:\AdwCleaner
2014-01-04 21:49:38 ----D---- C:\rsit
2014-01-04 15:51:29 ----D---- C:\ProgramData\Kaspersky Lab
2014-01-04 10:48:22 ----D---- C:\ProgramData\IObit
2014-01-04 00:08:58 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2014-01-04 00:08:58 ----A---- C:\Windows\SYSWOW64\mfc71.dll
2014-01-04 00:08:58 ----A---- C:\Windows\SYSWOW64\gdiplus.dll
2014-01-03 23:46:16 ----D---- C:\Program Files\AdTrustMedia
2014-01-03 23:46:15 ----D---- C:\ProgramData\Adtrustmedia
2014-01-03 19:55:55 ----D---- C:\Users\Lou\AppData\Roaming\SUPERAntiSpyware.com
2013-12-25 09:15:28 ----D---- C:\Users\Lou\AppData\Roaming\Samsung
2013-12-25 09:14:37 ----D---- C:\ProgramData\Samsung
2013-12-25 09:14:37 ----D---- C:\Program Files (x86)\SamsungPrinterLiveUpdateInstaller
2013-12-25 09:14:36 ----D---- C:\Program Files (x86)\SamsungPrinterLiveUpdate
2013-12-25 09:14:16 ----N---- C:\Windows\TotalUninstaller.exe
2013-12-25 09:14:11 ----A---- C:\Windows\system32\ssj1mlm.dll
2013-12-25 09:14:11 ----A---- C:\Windows\system32\SBuySupplies.exe
2013-12-25 09:14:06 ----A---- C:\Windows\system32\ssj1mci.exe
2013-12-25 09:14:05 ----A---- C:\Windows\system32\ssj1mci.dll
2013-12-25 09:13:16 ----D---- C:\Program Files (x86)\Samsung
2013-12-25 08:56:23 ----A---- C:\Windows\system32\drivers\aswstm.sys
2013-12-15 11:59:36 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-15 11:59:35 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-15 11:59:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-15 11:59:31 ----A---- C:\Windows\system32\wmp.dll
2013-12-15 11:44:17 ----D---- C:\Windows\Migration
2013-12-15 11:07:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-12-15 11:07:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-12-15 11:07:43 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-12-15 11:07:39 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-12-15 11:07:39 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-12-15 11:07:39 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-12-15 11:07:32 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-12-15 11:07:32 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-12-15 11:07:32 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-12-15 11:07:32 ----A---- C:\Windows\system32\wksprtPS.dll
2013-12-15 11:07:32 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-12-15 11:07:32 ----A---- C:\Windows\system32\tsgqec.dll
2013-12-15 11:07:31 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-12-15 11:07:31 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-12-15 11:07:31 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-12-15 11:07:31 ----A---- C:\Windows\system32\rdpudd.dll
2013-12-15 11:07:31 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-12-15 11:07:31 ----A---- C:\Windows\system32\aaclient.dll
2013-12-15 11:07:30 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-12-15 11:07:30 ----A---- C:\Windows\system32\wksprt.exe
2013-12-15 11:07:30 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-12-15 11:07:30 ----A---- C:\Windows\system32\mstsc.exe
2013-12-15 11:07:29 ----A---- C:\Windows\system32\rdpcorets.dll
2013-12-15 11:07:28 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-12-15 11:07:27 ----A---- C:\Windows\system32\mstscax.dll
2013-12-15 11:00:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-15 11:00:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-15 11:00:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-15 11:00:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-15 11:00:04 ----A---- C:\Windows\system32\ieui.dll
2013-12-15 11:00:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-15 11:00:03 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-15 11:00:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-15 11:00:01 ----A---- C:\Windows\system32\wininet.dll
2013-12-15 11:00:00 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-15 11:00:00 ----A---- C:\Windows\system32\url.dll
2013-12-15 10:59:59 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-15 10:59:59 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-15 10:59:57 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-15 10:59:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-15 10:59:55 ----A---- C:\Windows\system32\urlmon.dll
2013-12-15 10:59:54 ----A---- C:\Windows\system32\iertutil.dll
2013-12-15 10:59:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-15 10:59:52 ----A---- C:\Windows\system32\jscript9.dll
2013-12-15 10:59:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-15 10:59:51 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-15 10:59:51 ----A---- C:\Windows\system32\vbscript.dll
2013-12-15 10:59:51 ----A---- C:\Windows\system32\jscript.dll
2013-12-15 10:59:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-15 10:59:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-15 10:59:40 ----A---- C:\Windows\system32\mshtml.dll
2013-12-15 10:59:36 ----A---- C:\Windows\system32\ieframe.dll
2013-12-15 10:59:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-15 10:29:22 ----D---- C:\Windows\system32\MRT
2013-12-15 10:21:08 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2013-12-15 10:21:08 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2013-12-15 10:21:07 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2013-12-15 10:21:07 ----A---- C:\Windows\system32\UIAnimation.dll
2013-12-15 10:21:04 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-15 10:21:04 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-15 10:20:58 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-15 10:20:57 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2013-12-15 10:20:57 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2013-12-15 10:20:57 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2013-12-15 10:20:57 ----A---- C:\Windows\system32\d3d10warp.dll
2013-12-15 10:20:57 ----A---- C:\Windows\system32\d3d10_1.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-15 10:20:56 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-15 10:20:56 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2013-12-15 10:20:55 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-15 10:20:55 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2013-12-15 10:20:55 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-12-15 10:20:55 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2013-12-15 10:20:55 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2013-12-15 10:20:55 ----A---- C:\Windows\system32\dxgi.dll
2013-12-15 10:20:55 ----A---- C:\Windows\system32\d3d10level9.dll
2013-12-15 10:20:55 ----A---- C:\Windows\system32\d3d10core.dll
2013-12-15 10:20:54 ----A---- C:\Windows\system32\d3d10_1core.dll
2013-12-15 10:20:53 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2013-12-15 10:20:53 ----A---- C:\Windows\system32\d3d10.dll
2013-12-15 10:20:52 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-12-15 10:20:52 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2013-12-15 10:20:52 ----A---- C:\Windows\system32\XpsPrint.dll
2013-12-15 10:20:52 ----A---- C:\Windows\system32\FntCache.dll
2013-12-15 10:20:51 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2013-12-15 10:20:51 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2013-12-15 10:20:51 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2013-12-15 10:20:51 ----A---- C:\Windows\system32\WindowsCodecs.dll
2013-12-15 10:20:51 ----A---- C:\Windows\system32\DWrite.dll
2013-12-15 10:20:50 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2013-12-15 10:20:50 ----A---- C:\Windows\system32\d2d1.dll
2013-12-15 10:14:38 ----A---- C:\Windows\system32\drivers\fvevol.sys
2013-12-15 10:14:36 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-12-15 10:14:36 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-12-15 10:14:27 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-12-15 10:14:27 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-12-15 10:14:27 ----A---- C:\Windows\system32\cryptsvc.dll
2013-12-15 10:14:27 ----A---- C:\Windows\system32\cryptnet.dll
2013-12-15 10:14:27 ----A---- C:\Windows\system32\crypt32.dll
2013-12-15 10:14:26 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-12-15 10:14:22 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-15 10:14:22 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-15 10:13:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-12-15 10:13:28 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-12-15 10:13:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-12-15 10:13:27 ----A---- C:\Windows\system32\tdh.dll
2013-12-15 10:13:27 ----A---- C:\Windows\system32\ntdll.dll
2013-12-15 10:13:27 ----A---- C:\Windows\system32\advapi32.dll
2013-12-15 10:13:26 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-12-15 10:13:26 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-12-15 10:13:26 ----A---- C:\Windows\system32\wow64.dll
2013-12-15 10:13:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-12-15 10:13:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-12-15 10:13:25 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-12-15 10:13:25 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-12-15 10:13:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-12-15 10:13:24 ----A---- C:\Windows\SYSWOW64\user.exe
2013-12-15 10:13:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-12-15 10:13:16 ----A---- C:\Windows\system32\winsrv.dll
2013-12-15 10:13:16 ----A---- C:\Windows\system32\KernelBase.dll
2013-12-15 10:13:15 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-12-15 10:13:15 ----A---- C:\Windows\system32\smss.exe
2013-12-15 10:13:15 ----A---- C:\Windows\system32\kernel32.dll
2013-12-15 10:13:15 ----A---- C:\Windows\system32\csrsrv.dll
2013-12-15 10:13:15 ----A---- C:\Windows\system32\conhost.exe
2013-12-15 10:13:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-15 10:13:14 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-12-15 10:13:14 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-12-15 10:13:14 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-12-15 10:13:14 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2013-12-15 10:13:14 ----A---- C:\Windows\system32\apisetschema.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-12-15 10:13:13 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-12-15 10:13:12 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-12-15 10:13:11 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-12-15 10:13:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-12-15 10:13:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-12-15 10:13:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-12-15 10:13:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-12-15 10:13:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-12-15 10:13:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-12-15 10:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-12-15 10:13:09 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-12-15 10:12:40 ----A---- C:\Windows\system32\consent.exe
2013-12-15 10:12:39 ----A---- C:\Windows\system32\appinfo.dll
2013-12-15 10:11:58 ----A---- C:\Windows\SYSWOW64\certutil.exe
2013-12-15 10:11:58 ----A---- C:\Windows\system32\certutil.exe
2013-12-15 10:11:57 ----A---- C:\Windows\SYSWOW64\certenc.dll
2013-12-15 10:11:57 ----A---- C:\Windows\system32\certenc.dll
2013-12-15 10:11:25 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2013-12-15 10:11:25 ----A---- C:\Windows\system32\d3d11.dll
2013-12-15 10:11:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-12-15 10:11:23 ----A---- C:\Windows\system32\schannel.dll
2013-12-15 10:11:23 ----A---- C:\Windows\system32\lsasrv.dll
2013-12-15 10:11:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-12-15 10:11:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-12-15 10:11:23 ----A---- C:\Windows\system32\drivers\cng.sys
2013-12-15 10:11:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-12-15 10:11:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-12-15 10:11:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-12-15 10:11:22 ----A---- C:\Windows\system32\sspisrv.dll
2013-12-15 10:11:22 ----A---- C:\Windows\system32\sspicli.dll
2013-12-15 10:11:22 ----A---- C:\Windows\system32\secur32.dll
2013-12-15 10:11:22 ----A---- C:\Windows\system32\ncrypt.dll
2013-12-15 10:11:22 ----A---- C:\Windows\system32\lsass.exe
2013-12-15 10:11:19 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-12-15 10:11:18 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-12-15 10:11:18 ----A---- C:\Windows\system32\mswsock.dll
2013-12-15 10:11:11 ----A---- C:\Windows\system32\shell32.dll
2013-12-15 10:11:10 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-12-15 10:11:09 ----A---- C:\Windows\SYSWOW64\shdocvw.dll
2013-12-15 10:11:09 ----A---- C:\Windows\system32\shdocvw.dll
2013-12-15 10:11:00 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-12-15 10:11:00 ----A---- C:\Windows\system32\wintrust.dll
2013-12-15 10:10:24 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2013-12-15 10:10:24 ----A---- C:\Windows\system32\cryptdlg.dll
2013-12-15 10:10:11 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-12-15 10:10:11 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-12-15 10:10:11 ----A---- C:\Windows\system32\credui.dll
2013-12-15 10:10:11 ----A---- C:\Windows\system32\authui.dll
2013-12-15 10:10:10 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-12-15 10:10:10 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-12-15 10:09:40 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-15 10:09:40 ----A---- C:\Windows\system32\tzres.dll
2013-12-15 10:09:34 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-12-15 10:09:25 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-12-15 10:09:07 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2013-12-15 10:09:03 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-12-15 10:08:51 ----A---- C:\Windows\system32\msieftp.dll
2013-12-15 10:08:44 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-15 10:08:41 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-15 10:08:37 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-15 10:08:36 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-15 10:08:36 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-15 10:08:33 ----A---- C:\Windows\system32\comctl32.dll
2013-12-15 10:08:30 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-12-15 10:08:11 ----A---- C:\Windows\system32\wwansvc.dll
2013-12-15 10:08:11 ----A---- C:\Windows\system32\wwanprotdim.dll
2013-12-15 10:08:10 ----A---- C:\Windows\system32\drivers\ataport.sys
2013-12-15 10:08:09 ----A---- C:\Windows\SYSWOW64\qedit.dll
2013-12-15 10:08:09 ----A---- C:\Windows\system32\win32spl.dll
2013-12-15 10:08:09 ----A---- C:\Windows\system32\qedit.dll
2013-12-15 10:08:08 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-12-15 10:08:08 ----A---- C:\Windows\system32\WebClnt.dll
2013-12-15 10:08:06 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-12-15 10:08:06 ----A---- C:\Windows\system32\davclnt.dll
2013-12-15 10:08:05 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-12-15 10:08:04 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-12-15 10:08:03 ----A---- C:\Windows\system32\cscript.exe
2013-12-15 10:08:02 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-15 10:08:02 ----A---- C:\Windows\system32\wscript.exe
2013-12-15 10:08:02 ----A---- C:\Windows\system32\scrrun.dll
2013-12-15 10:08:01 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-15 10:08:01 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-15 10:08:00 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-12-15 10:08:00 ----A---- C:\Windows\system32\dciman32.dll
2013-12-15 10:08:00 ----A---- C:\Windows\system32\atmfd.dll
2013-12-15 10:07:59 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-12-15 10:07:59 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-12-15 10:07:59 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-12-15 10:07:59 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-12-15 10:07:59 ----A---- C:\Windows\system32\lpk.dll
2013-12-15 10:07:59 ----A---- C:\Windows\system32\fontsub.dll
2013-12-15 10:07:59 ----A---- C:\Windows\system32\atmlib.dll
2013-12-15 10:07:58 ----A---- C:\Windows\system32\rpcrt4.dll
2013-12-15 10:07:57 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2013-12-15 10:07:52 ----A---- C:\Windows\system32\win32k.sys
2013-12-15 10:07:51 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-12-15 10:07:49 ----A---- C:\Windows\system32\drivers\afd.sys
2013-12-15 10:07:46 ----A---- C:\Windows\system32\WMVDECOD.DLL
2013-12-15 10:07:03 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2013-12-15 10:07:02 ----A---- C:\Windows\system32\gdi32.dll
2013-12-15 10:07:01 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-12-15 10:06:50 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-12-15 10:06:50 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-12-15 10:05:57 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2013-12-15 10:05:57 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-12-15 10:05:57 ----A---- C:\Windows\system32\cdd.dll
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbport.sys
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbohci.sys
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbhub.sys
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbehci.sys
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbd.sys
2013-12-15 10:00:01 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2013-12-15 09:54:16 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-12-15 09:54:15 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-12-15 09:54:15 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-12-15 09:54:15 ----A---- C:\Windows\system32\nshwfp.dll
2013-12-15 09:54:15 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-12-15 09:54:06 ----A---- C:\Windows\system32\scavengeui.dll
2013-12-08 00:52:39 ----D---- C:\Program Files (x86)\ASM104xUSB3
2013-12-07 22:14:40 ----D---- C:\Users\Lou\AppData\Roaming\Intel
2013-12-07 22:14:33 ----D---- C:\ProgramData\Roaming
2013-12-07 22:02:01 ----A---- C:\Windows\SYSWOW64\SynTPEnhPS.dll

======List of files/folders modified in the last 1 months======

2014-01-05 22:11:02 ----RD---- C:\Program Files
2014-01-05 22:06:52 ----A---- C:\Windows\SYSWOW64\log.txt
2014-01-05 22:05:54 ----HD---- C:\ASUS.DAT
2014-01-05 22:05:15 ----D---- C:\Windows\system32\Tasks
2014-01-05 22:05:06 ----D---- C:\Windows\Temp
2014-01-05 22:05:02 ----D---- C:\Windows\system32\config
2014-01-05 22:04:23 ----D---- C:\Windows
2014-01-05 22:03:27 ----HD---- C:\ProgramData
2014-01-05 22:03:26 ----D---- C:\Windows\SYSWOW64\drivers
2014-01-05 22:03:26 ----D---- C:\Windows\system32\drivers
2014-01-05 22:02:29 ----D---- C:\Windows\Prefetch
2014-01-05 22:02:24 ----SHD---- C:\Windows\Installer
2014-01-05 21:42:10 ----D---- C:\Windows\System32
2014-01-05 21:38:23 ----D---- C:\ProgramData\Trend Micro
2014-01-05 20:07:38 ----SHD---- C:\System Volume Information
2014-01-05 11:36:34 ----RD---- C:\Program Files (x86)
2014-01-05 11:30:19 ----D---- C:\Windows\tracing
2014-01-04 22:35:09 ----D---- C:\Program Files (x86)\Common Files
2014-01-04 21:44:35 ----D---- C:\Windows\system32\DriverStore
2014-01-04 21:44:35 ----D---- C:\Windows\system32\catroot
2014-01-04 21:44:34 ----D---- C:\Windows\SysWOW64
2014-01-04 21:44:34 ----D---- C:\Windows\inf
2014-01-04 12:06:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-04 11:49:11 ----SHD---- C:\Config.Msi
2014-01-04 11:22:38 ----D---- C:\Windows\pss
2014-01-04 11:10:15 ----D---- C:\Program Files (x86)\Google
2014-01-04 11:07:04 ----D---- C:\Program Files (x86)\Adobe
2014-01-04 11:04:40 ----D---- C:\Windows\system32\catroot2
2014-01-04 11:00:09 ----D---- C:\ProgramData\Intel
2014-01-04 11:00:05 ----D---- C:\Program Files\Common Files\Intel
2014-01-04 10:51:18 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-01-04 10:49:31 ----D---- C:\Program Files\Common Files
2014-01-04 00:32:35 ----D---- C:\Windows\winsxs
2014-01-03 23:54:04 ----A---- C:\Windows\system32\AutoRunFilter.ini
2014-01-03 23:53:58 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-01-03 22:05:03 ----D---- C:\Windows\Tasks
2014-01-03 22:05:03 ----D---- C:\Windows\system32\drivers\etc
2014-01-03 21:05:56 ----SD---- C:\ProgramData\Microsoft
2014-01-03 21:04:59 ----D---- C:\ProgramData\Adobe
2014-01-03 20:28:23 ----D---- C:\ProgramData\Microsoft Help
2014-01-03 20:28:20 ----A---- C:\Windows\win.ini
2014-01-03 19:56:11 ----D---- C:\Windows\debug
2014-01-03 19:47:37 ----D---- C:\Program Files\CCleaner
2013-12-25 08:56:01 ----A---- C:\Windows\system32\aswBoot.exe
2013-12-22 14:58:10 ----D---- C:\Windows\rescache
2013-12-15 14:27:58 ----D---- C:\Windows\Microsoft.NET
2013-12-15 14:26:25 ----RSD---- C:\Windows\assembly
2013-12-15 13:12:12 ----D---- C:\Program Files\Windows Media Player
2013-12-15 13:08:32 ----D---- C:\Program Files\Microsoft Silverlight
2013-12-15 13:08:31 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-12-15 13:04:43 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-15 13:04:40 ----D---- C:\Windows\AppPatch
2013-12-15 13:04:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-15 13:04:39 ----D---- C:\Windows\system32\cs-CZ
2013-12-15 13:04:38 ----D---- C:\Program Files\Windows Defender
2013-12-15 13:04:38 ----D---- C:\Program Files (x86)\Windows Defender
2013-12-15 13:04:30 ----D---- C:\Windows\SYSWOW64\wbem
2013-12-15 13:04:30 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-15 13:04:30 ----D---- C:\Windows\PolicyDefinitions
2013-12-15 13:04:29 ----D---- C:\Windows\system32\wbem
2013-12-15 13:04:29 ----D---- C:\Windows\system32\en-US
2013-12-15 13:04:29 ----D---- C:\Windows\system32\drivers\en-US
2013-12-15 13:04:27 ----D---- C:\Windows\SYSWOW64\migration
2013-12-15 13:04:27 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-15 13:04:26 ----D---- C:\Windows\system32\migration
2013-12-15 13:04:26 ----D---- C:\Program Files\Internet Explorer
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\zh-TW
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\zh-HK
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\zh-CN
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\tr-TR
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\sv-SE
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\ru-RU
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\pt-PT
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\pt-BR
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\pl-PL
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\nl-NL
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\ko-KR
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\ja-JP
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\it-IT
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\hu-HU
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\fr-FR
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\fi-FI
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\es-ES
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\el-GR
2013-12-15 13:04:21 ----D---- C:\Windows\SYSWOW64\de-DE
2013-12-15 13:04:20 ----D---- C:\Windows\SYSWOW64\nb-NO
2013-12-15 13:04:20 ----D---- C:\Windows\SYSWOW64\da-DK
2013-12-15 13:04:20 ----D---- C:\Windows\system32\zh-HK
2013-12-15 13:04:20 ----D---- C:\Windows\system32\pt-PT
2013-12-15 13:04:20 ----D---- C:\Windows\system32\pt-BR
2013-12-15 13:04:20 ----D---- C:\Windows\system32\pl-PL
2013-12-15 13:04:20 ----D---- C:\Windows\system32\ko-KR
2013-12-15 13:04:20 ----D---- C:\Windows\system32\it-IT
2013-12-15 13:04:20 ----D---- C:\Windows\system32\hu-HU
2013-12-15 13:04:20 ----D---- C:\Windows\system32\el-GR
2013-12-15 13:04:19 ----D---- C:\Windows\system32\zh-TW
2013-12-15 13:04:19 ----D---- C:\Windows\system32\zh-CN
2013-12-15 13:04:19 ----D---- C:\Windows\system32\tr-TR
2013-12-15 13:04:19 ----D---- C:\Windows\system32\sv-SE
2013-12-15 13:04:19 ----D---- C:\Windows\system32\ru-RU
2013-12-15 13:04:19 ----D---- C:\Windows\system32\nl-NL
2013-12-15 13:04:19 ----D---- C:\Windows\system32\nb-NO
2013-12-15 13:04:19 ----D---- C:\Windows\system32\ja-JP
2013-12-15 13:04:19 ----D---- C:\Windows\system32\fr-FR
2013-12-15 13:04:19 ----D---- C:\Windows\system32\fi-FI
2013-12-15 13:04:19 ----D---- C:\Windows\system32\es-ES
2013-12-15 13:04:19 ----D---- C:\Windows\system32\de-DE
2013-12-15 13:04:19 ----D---- C:\Windows\system32\da-DK
2013-12-15 13:04:17 ----D---- C:\Program Files\Windows Journal
2013-12-15 11:48:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-14 15:00:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-12-07 23:18:36 ----D---- C:\Windows\system32\wfp
2013-12-07 23:18:36 ----D---- C:\Windows\system32\NDF
2013-12-07 23:18:36 ----D---- C:\Windows\system32\drivers\UMDF
2013-12-07 23:18:35 ----D---- C:\Users\Lou\AppData\Roaming\vlc
2013-12-07 23:18:35 ----D---- C:\Users\Lou\AppData\Roaming\dvdcss
2013-12-07 23:18:35 ----D---- C:\ProgramData\P4G
2013-12-07 23:18:27 ----D---- C:\Windows\registration
2013-12-07 22:55:21 ----D---- C:\Program Files\P4G
2013-12-07 17:33:46 ----D---- C:\AsusVibeData
2013-12-07 14:24:06 ----D---- C:\Program Files (x86)\ASUS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-11-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-25 207904]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-11-05 438808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2013-11-21 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-12-25 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2013-12-25 422216]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2012-09-05 31080]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-12-25 78648]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2012-02-15 11576]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2013-12-25 79672]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-08-02 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-08-02 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-08-02 110240]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-08-02 30368]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-08-02 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-08-02 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-08-02 280992]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-08-02 511136]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-11-07 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-08-16 3056360]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-08-02 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-08-02 103584]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-25 50344]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-04 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-14 257416]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-11-07 279000]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-04 116648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-08 115608]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-12-26 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#22 Příspěvek od **Márty84** » 06 led 2014 08:35

Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
avgtp
AdobeARMservice
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job
C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
C:\Windows\system32\drivers\avgtpx64.sys

:otl
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
IE - HKU\S-1-5-21-471454355-19411653-3372463115-1000\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
FF - prefs.js..browser.startup.homepage: "http://us.yahoo.com?fr=fp-comodo"
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..keyword.URL: "http://us.search.yahoo.com/search?fr=ytff-comodo&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-comodo"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-comodo"
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ [2012.04.14 23:12:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
[2011.12.26 11:51:38 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2014.01.04 10:47:55 | 000,000,000 | ---D | M] (Start Page) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
[2013.03.07 18:06:56 | 000,000,000 | ---D | M] (FT DeepDark) -- C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
[2014.01.03 23:46:29 | 000,537,103 | ---- | M] () (No name found) -- C:\Users\Lou\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\PrivDog@AdTrustMedia.com.xpi
[2014.01.04 10:47:51 | 000,000,905 | ---- | M] () -- C:\Users\Lou\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\yahoo_ff.xml
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Key error. File not found
O9 - Extra Button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
[2014.01.05 11:40:42 | 000,038,328 | ---- | C] (ESET) -- C:\Windows\SysNative\drivers\EpfwLWF.sys.bak
[2014.01.05 11:41:29 | 000,090,704 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys.bak
[2014.01.05 11:40:31 | 000,031,080 | ---- | C] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys.bak
[2014.01.05 11:40:30 | 000,375,376 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys.bak
[2014.01.05 11:40:30 | 000,283,728 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys.bak
[2014.01.05 11:40:30 | 000,046,672 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys.bak
[2014.01.05 11:40:30 | 000,037,456 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys.bak
[2014.01.05 11:40:30 | 000,029,776 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys.bak
[2014.01.05 11:40:30 | 000,026,704 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSEH.sys.bak
[2014.01.05 11:40:29 | 000,120,400 | ---- | C] (AVG Technologies CZ, s.r.o. ) -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys.bak
[2014.01.05 11:40:28 | 000,048,992 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgfwd6a.sys.bak
[2014.01.04 15:51:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2014.01.04 10:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[1 C:\Users\Lou\Desktop\*.tmp files -> C:\Users\Lou\Desktop\*.tmp -> ]
[2014.01.05 11:41:30 | 000,144,464 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmcomm.sys.bak
[2014.01.05 11:41:30 | 000,105,552 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys.bak
[2014.01.05 11:41:30 | 000,090,704 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmactmon.sys.bak
[2014.01.05 11:41:30 | 000,067,664 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmevtmgr.sys.bak
[2012.03.20 00:42:12 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVG
[2011.12.26 12:36:23 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\AVG2012
[2012.09.29 20:50:22 | 000,000,000 | ---D | M] -- C:\Users\Lou\AppData\Roaming\ESET
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[15 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\1ddb35edae9ffc3937df9b7c7c580a42\*.tmp files -> C:\Windows\SoftwareDistribution\Download\1ddb35edae9ffc3937df9b7c7c580a42\*.tmp -> ]
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \ProgramData\AutoKMS\AutoKMS.cmd
[2010.07.11 04:41:43 | 000,001,482 | ---- | M] () -- \Users\All Users\AutoKMS\AutoKMS.cmd
[2012.07.22 18:48:22 | 000,000,161 | ---- | M] () -- \Windows\AutoKMS.ini

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_JULY_P1] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lou^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

meijo · #23 Příspěvek od **meijo** » 06 led 2014 17:29

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 57472 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Lou
->Temp folder emptied: 27766245 bytes
->Temporary Internet Files folder emptied: 596320 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 6788090 bytes
->Google Chrome cache emptied: 75972900 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 57983 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1202242 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85315 bytes
RecycleBin emptied: 832273 bytes

Total Files Cleaned = 108,00 mb

[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Lou
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service avgtp stopped successfully!
Service avgtp deleted successfully!
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\DLL-files.com Fixer_MONTHLY.job moved successfully.
C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk moved successfully.
File\Folder C:\Windows\system32\drivers\avgtpx64.sys not found.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKU\S-1-5-21-471454355-19411653-3372463115-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-471454355-19411653-3372463115-1000\Software\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}\ not found.
Prefs.js: "http://us.yahoo.com?fr=fp-comodo" removed from browser.startup.homepage
Prefs.js: "Yahoo" removed from browser.search.defaultenginename
Prefs.js: "Yahoo" removed from browser.search.selectedEngine
Prefs.js: "http://us.search.yahoo.com/search?fr=ytff-comodo&p=" removed from keyword.URL
Prefs.js: "chrf-comodo" removed from browser.search.param.yahoo-fr
Prefs.js: "chrf-comodo" removed from browser.search.param.yahoo-fr-cjkt
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22C7F6C6-8D67-4534-92B5-529A0EC09405}\ not found.
File C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension\ not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}\ not found.
File C:\Program Files (x86)\AVG\AVG2012\Firefox4 not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com deleted successfully.
File C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird not found.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\searchplugin folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\modules folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\META-INF folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\defaults folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\chrome folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527} folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome\content folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}\chrome folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}\chrome folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\Firefox\Profiles\nahd6ha2.default\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} folder moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\PrivDog@AdTrustMedia.com.xpi moved successfully.
C:\Users\Lou\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\yahoo_ff.xml moved successfully.
File C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xport to Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2670000A-7350-4f3c-8081-5663EE0C6C49}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}\ not found.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tmbp\ deleted successfully.
File C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll not found.
File C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tmpx\ deleted successfully.
File C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll not found.
File C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tmbp\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll not found.
File C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\tmpx\ not found.
File C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}\ not found.
C:\Windows\SysNative\drivers\EpfwLWF.sys.bak moved successfully.
C:\Windows\SysNative\drivers\tmactmon.sys.bak moved successfully.
C:\Windows\SysNative\drivers\avgtpx64.sys.bak moved successfully.
File C:\Windows\SysNative\drivers\avgtdia.sys.bak not found.
File C:\Windows\SysNative\drivers\avgldx64.sys.bak not found.
File C:\Windows\SysNative\drivers\avgmfx64.sys.bak not found.
File C:\Windows\SysNative\drivers\avgrkx64.sys.bak not found.
File C:\Windows\SysNative\drivers\AVGIDSFilter.sys.bak not found.
File C:\Windows\SysNative\drivers\AVGIDSEH.sys.bak not found.
File C:\Windows\SysNative\drivers\AVGIDSDriver.sys.bak not found.
File C:\Windows\SysNative\drivers\avgfwd6a.sys.bak not found.
C:\ProgramData\Kaspersky Lab folder moved successfully.
C:\ProgramData\IObit\IObit Unlocker folder moved successfully.
C:\ProgramData\IObit folder moved successfully.
C:\Users\Lou\Desktop\~WRL1765.tmp deleted successfully.
C:\Windows\SysNative\drivers\tmcomm.sys.bak moved successfully.
C:\Windows\SysNative\drivers\tmtdi.sys.bak moved successfully.
File C:\Windows\SysNative\drivers\tmactmon.sys.bak not found.
C:\Windows\SysNative\drivers\tmevtmgr.sys.bak moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Track Eraser folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue\Tweak Manager folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue\TaskManager folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue\ServiceManager folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue\PC Tuneup 2011 folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue\Internet Optimizer folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue\AVG Registry Cleaner folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Rescue folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Registry Defrag\Reports folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\Registry Defrag folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\PC Tuneup\User Reports folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\PC Tuneup\Logs folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\PC Tuneup\Disk Doctor\User Reports folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\PC Tuneup\Disk Doctor\Logs folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\PC Tuneup\Disk Doctor folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\PC Tuneup folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG\BoostSpeed folder moved successfully.
C:\Users\Lou\AppData\Roaming\AVG folder moved successfully.
Folder C:\Users\Lou\AppData\Roaming\AVG2012\ not found.
C:\Users\Lou\AppData\Roaming\ESET\ESET Smart Security folder moved successfully.
C:\Users\Lou\AppData\Roaming\ESET folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2521.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9231.tmp\napinit.dll deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9231.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9BE1.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCA7F.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF326.tmp folder deleted successfully.
C:\Windows\Installer\MSI1149.tmp deleted successfully.
C:\Windows\Installer\MSI14A4.tmp deleted successfully.
C:\Windows\Installer\MSI2BF2.tmp deleted successfully.
C:\Windows\Installer\MSI3601.tmp deleted successfully.
C:\Windows\Installer\MSI37D6.tmp deleted successfully.
C:\Windows\Installer\MSI3E9B.tmp deleted successfully.
C:\Windows\Installer\MSI7A06.tmp deleted successfully.
C:\Windows\Installer\MSI7DA0.tmp deleted successfully.
C:\Windows\Installer\MSI81B6.tmp deleted successfully.
C:\Windows\Installer\MSI9A43.tmp deleted successfully.
C:\Windows\Installer\MSIA4EA.tmp deleted successfully.
C:\Windows\Installer\MSIACB7.tmp deleted successfully.
C:\Windows\Installer\MSIBC81.tmp deleted successfully.
C:\Windows\Installer\MSIF814.tmp deleted successfully.
C:\Windows\Installer\MSIFA46.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\1ddb35edae9ffc3937df9b7c7c580a42\BIT4F0.tmp deleted successfully.
File move failed. \ProgramData\AutoKMS\AutoKMS.cmd scheduled to be moved on reboot.
File move failed. \Users\All Users\AutoKMS\AutoKMS.cmd scheduled to be moved on reboot.
File move failed. \Windows\AutoKMS.ini scheduled to be moved on reboot.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ROC_ROC_JULY_P1\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Trend Micro Titanium\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lou^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 01062014_172358

Files\Folders moved on Reboot...
C:\Users\Lou\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. \ProgramData\AutoKMS\AutoKMS.cmd scheduled to be moved on reboot.
File move failed. \Users\All Users\AutoKMS\AutoKMS.cmd scheduled to be moved on reboot.
File move failed. \Windows\AutoKMS.ini scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

#24 Příspěvek od **Márty84** » 06 led 2014 17:33

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe
Stahnete a spustte

Pro potvrzeni volby mackejte A, Enter

Po pouziti utilitu smazte

Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

meijo · #25 Příspěvek od **meijo** » 06 led 2014 20:28

Noťas je krásně rychlej až se divím, že to dokáže

Děkuji za Váš čas a pomoc!

#26 Příspěvek od **Márty84** » 06 led 2014 20:47

To rad slysim, teda vlastne vidim

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu

Re: Prosím o kontrolu