Logfile of random's system information tool 1.09 (written by random/random)
Run by sabina at 2014-01-30 20:09:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 776 GB (81%) free of 954 GB
Total RAM: 8183 MB (81% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:09:31, on 30. 1. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files\trend micro\sabina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Windows] "C:\Users\Public\Public Documents\Windows Movie Player\player.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10404 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2364.0.1053978107\238926421" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x0f00 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --lang=sk --channel="2364.5.980534820\1835984394" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2364.48.498678267\1197594666" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Disabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2364.50.1085818316\1860649543" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe29_ Global\UsGthrCtrlFltPipeMssGthrPipe29 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"C:\Users\sabina\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\avast! Emergency Update.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
C:\Windows\tasks\update-sys.job
=========Mozilla firefox=========
ProfilePath - C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-10-09 6270336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 1266912]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows"=C:\Users\Public\Public Documents\Windows Movie Player\player.exe [2008-12-07 675840]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgcqdSrv]
C:\Windows\inf\msgcqd.vbe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msloupdSrv]
C:\Windows\inf\msloupd.vbe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv]
C:\Windows\inf\ntvdm.vbe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe [2008-11-14 305064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-18 20587168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"MSStp"=C:\Windows\system32\msstp.vbe []
"mncpoborSrv"=C:\Windows\inf\mncpobor.vbe [2014-01-13 1338]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-01-28 22:30:54 ----D---- C:\Program Files (x86)\trend micro
2014-01-28 17:52:01 ----D---- C:\_OTL
2014-01-25 21:26:24 ----D---- C:\Users\sabina\AppData\Roaming\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\ProgramData\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-25 21:26:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-01-25 19:28:24 ----D---- C:\rsit
2014-01-25 19:28:24 ----D---- C:\Program Files\trend micro
2014-01-24 17:39:38 ----A---- C:\Windows\system32\drivers\PCTBD64.sys
2014-01-24 17:39:34 ----A---- C:\Windows\BDTSupport.dll
2014-01-24 17:39:33 ----A---- C:\Windows\SGDetectionTool.dll
2014-01-24 17:39:32 ----A---- C:\Windows\PCTBDCore.dll
2014-01-24 17:39:31 ----A---- C:\Windows\PCTBDRes.dll
2014-01-24 17:37:28 ----D---- C:\Program Files (x86)\PC Tools
2014-01-24 17:32:14 ----A---- C:\Windows\system32\drivers\Cat.DB
2014-01-24 17:31:55 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2014-01-24 17:31:25 ----D---- C:\Users\sabina\AppData\Roaming\AVAST Software
2014-01-24 17:31:02 ----D---- C:\ProgramData\PC Tools
2014-01-24 17:30:59 ----D---- C:\Users\sabina\AppData\Roaming\TestApp
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-24 17:30:55 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-24 17:30:53 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-24 17:30:45 ----A---- C:\Windows\avastSS.scr
2014-01-24 17:30:09 ----D---- C:\Program Files\AVAST Software
2014-01-24 17:29:35 ----D---- C:\ProgramData\AVAST Software
2014-01-24 17:25:46 ----D---- C:\Program Files (x86)\Company
2014-01-24 17:25:07 ----D---- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
2014-01-20 21:54:36 ----D---- C:\Users\sabina\AppData\Roaming\Origin
2014-01-20 21:53:06 ----D---- C:\ProgramData\Origin
2014-01-20 19:33:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-16 00:09:46 ----D---- C:\Program Files (x86)\HTC
2014-01-16 00:09:16 ----D---- C:\ProgramData\HTC
2014-01-16 00:09:15 ----D---- C:\Temp
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 11:45:19 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 11:45:18 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-13 17:46:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-01-13 17:46:31 ----D---- C:\ProgramData\Visan
2014-01-13 17:46:31 ----D---- C:\ProgramData\HP Photo Creations
2014-01-13 17:46:31 ----D---- C:\Program Files (x86)\HP Photo Creations
2014-01-13 17:46:04 ----D---- C:\Users\sabina\AppData\Roaming\HpUpdate
2014-01-13 17:45:52 ----N---- C:\Windows\system32\HPDiscoPMC211.dll
2014-01-13 17:45:00 ----D---- C:\ProgramData\HP
2014-01-13 17:44:55 ----D---- C:\Program Files (x86)\HP
2014-01-13 17:44:02 ----D---- C:\Program Files\HP
2014-01-13 17:43:58 ----A---- C:\ProgramData\Ament.ini
2014-01-09 15:54:45 ----D---- C:\Program Files (x86)\R.G. Catalyst
2014-01-09 08:19:02 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-09 08:18:58 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-09 08:18:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-01-09 08:18:48 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-01-09 08:18:48 ----A---- C:\Windows\system32\xinput1_3.dll
2014-01-09 08:18:47 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-01-09 08:18:47 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-01-09 08:18:44 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-01-09 08:18:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\d3dx10.dll
2014-01-09 08:18:42 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-01-09 08:18:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-01-09 08:18:40 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-01-09 08:18:40 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-01-09 08:18:37 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-01-09 08:18:37 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-01-09 08:18:29 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-01-09 08:18:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-01-09 08:18:27 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-01-09 08:18:27 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-01-09 08:18:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-01-09 08:18:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-01-09 08:18:25 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-01-09 08:18:25 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-01-09 08:18:24 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-01-09 08:18:24 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-01-09 08:18:23 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-01-09 08:18:23 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-01-09 08:18:22 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-01-09 08:18:22 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-01-03 00:45:36 ----D---- C:\Program Files (x86)\Skillbrains
2013-12-30 17:03:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-12-29 16:04:48 ----D---- C:\Windows\Watson
2013-12-29 16:04:48 ----D---- C:\Program Files (x86)\Microsoft Games
2013-12-23 19:55:45 ----D---- C:\Program Files (x86)\Mio
2013-12-14 23:46:16 ----D---- C:\Program Files (x86)\EA GAMES
2013-12-14 23:46:15 ----RA---- C:\Windows\SYSWOW64\vp6vfw.dll
2013-12-12 19:46:43 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 19:46:40 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 19:44:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 19:44:55 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 19:44:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 19:44:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 19:44:53 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 19:44:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 19:44:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 19:44:51 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 19:17:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 19:17:01 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 19:16:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 19:16:58 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\system32\cscript.exe
2013-12-01 01:33:29 ----D---- C:\ProgramData\LogMeIn
2013-11-24 19:03:56 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-24 19:00:13 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-24 19:00:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-24 19:00:10 ----A---- C:\Windows\system32\elshyph.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msrating.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msls31.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\wextract.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\webcheck.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\vbscript.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\url.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\inseng.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iexpress.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-24 19:00:07 ----A---- C:\Windows\system32\icardie.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\occache.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\mshta.exe
2013-11-24 19:00:06 ----A---- C:\Windows\system32\jscript.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\imgutil.dll
2013-11-24 19:00:02 ----A---- C:\Windows\system32\iepeers.dll
2013-11-24 16:56:17 ----D---- C:\Program Files\CoreFTP
2013-11-23 18:22:54 ----D---- C:\Program Files\7-Zip
2013-11-14 18:53:11 ----D---- C:\Users\sabina\AppData\Roaming\AnvSoft
2013-11-14 18:52:52 ----D---- C:\Program Files (x86)\AnvSoft
2013-11-13 18:38:08 ----D---- C:\Users\sabina\AppData\Roaming\Apple Computer
2013-11-13 18:35:31 ----D---- C:\ProgramData\Apple Computer
2013-11-13 18:35:31 ----D---- C:\Program Files (x86)\QuickTime
2013-11-13 18:34:41 ----D---- C:\ProgramData\Apple
2013-11-13 18:18:49 ----D---- C:\Program Files (x86)\pazera-software
2013-11-12 21:35:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-12 21:35:32 ----A---- C:\Windows\system32\crypt32.dll
2013-11-12 21:35:30 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\authui.dll
2013-11-12 21:35:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\sspicli.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\lsass.exe
2013-11-12 21:35:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-12 21:35:23 ----A---- C:\Windows\system32\gdi32.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-04 15:47:21 ----D---- C:\Users\sabina\AppData\Roaming\CoreFTP
2013-11-04 15:47:07 ----D---- C:\Program Files (x86)\CoreFTP
2013-11-04 14:30:57 ----D---- C:\Users\sabina\AppData\Roaming\Mozilla
2013-11-04 14:30:07 ----D---- C:\ProgramData\Mozilla
2013-11-04 14:30:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-04 14:29:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-02 16:24:41 ----D---- C:\ProgramData\FLEXnet
2013-11-02 15:23:33 ----D---- C:\Program Files\Adobe
2013-11-02 15:16:16 ----D---- C:\Windows\SYSWOW64\spool
2013-11-02 15:15:20 ----D---- C:\Program Files (x86)\Adobe Media Player
2013-11-02 15:10:21 ----D---- C:\ProgramData\Adobe
2013-11-02 15:09:59 ----D---- C:\Program Files (x86)\Adobe
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-11-02 15:09:37 ----D---- C:\Program Files\Common Files\Adobe
2013-11-02 14:40:17 ----D---- C:\Users\sabina\AppData\Roaming\Notepad++
2013-11-02 14:40:04 ----D---- C:\Program Files (x86)\Notepad++
======List of files/folders modified in the last 3 months======
2014-01-30 20:08:36 ----D---- C:\Windows\Temp
2014-01-30 20:02:31 ----D---- C:\ProgramData\PMB Files
2014-01-30 16:45:19 ----D---- C:\Windows\System32
2014-01-30 16:45:19 ----D---- C:\Windows\inf
2014-01-30 16:45:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-30 08:16:07 ----D---- C:\Windows\system32\config
2014-01-30 08:12:20 ----AD---- C:\ProgramData\TEMP
2014-01-30 08:12:19 ----D---- C:\Windows
2014-01-30 08:02:02 ----D---- C:\ProgramData\NVIDIA
2014-01-29 20:17:43 ----D---- C:\Users\sabina\AppData\Roaming\uTorrent
2014-01-29 18:35:53 ----D---- C:\Users\sabina\AppData\Roaming\Winamp
2014-01-28 22:30:54 ----RD---- C:\Program Files (x86)
2014-01-28 21:59:00 ----SHD---- C:\System Volume Information
2014-01-27 22:47:55 ----D---- C:\Windows\system32\drivers
2014-01-27 20:42:12 ----D---- C:\Windows\system32\LogFiles
2014-01-25 21:26:18 ----HD---- C:\ProgramData
2014-01-25 19:28:24 ----RD---- C:\Program Files
2014-01-24 17:37:33 ----SHD---- C:\Windows\Installer
2014-01-24 17:31:52 ----D---- C:\Program Files (x86)\Common Files
2014-01-24 17:31:05 ----D---- C:\Windows\Tasks
2014-01-24 17:30:54 ----D---- C:\Windows\winsxs
2014-01-24 17:25:22 ----D---- C:\Windows\SysWOW64
2014-01-24 15:17:56 ----D---- C:\412988f1bbf86413bac1
2014-01-20 21:52:45 ----D---- C:\Users\sabina\AppData\Roaming\vlc
2014-01-19 21:27:00 ----D---- C:\Windows\system32\catroot2
2014-01-19 12:21:20 ----D---- C:\Program Files (x86)\Google
2014-01-19 08:33:29 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-19 01:01:43 ----D---- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-01-16 13:41:49 ----D---- C:\Windows\system32\DriverStore
2014-01-16 01:27:58 ----D---- C:\Windows\system32\catroot
2014-01-16 01:27:56 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 11:41:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-14 12:39:32 ----D---- C:\Program Files (x86)\epson
2014-01-13 18:11:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-13 18:08:26 ----D---- C:\Windows\twain_32
2014-01-09 08:37:01 ----RSD---- C:\Windows\assembly
2014-01-07 21:34:08 ----D---- C:\Program Files (x86)\Rockstar Games
2013-12-31 00:19:21 ----D---- C:\Users\sabina\AppData\Roaming\Adobe
2013-12-29 16:04:55 ----RSD---- C:\Windows\Fonts
2013-12-29 15:43:18 ----D---- C:\Program Files (x86)\uTorrent
2013-12-24 01:47:14 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2013-12-12 21:10:40 ----D---- C:\Windows\system32\NDF
2013-12-12 21:06:25 ----D---- C:\Program Files\Windows Media Player
2013-12-12 21:06:25 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 21:06:24 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-12 21:06:24 ----D---- C:\Windows\system32\sk-SK
2013-12-12 21:06:24 ----D---- C:\Program Files\Internet Explorer
2013-12-10 11:08:33 ----SHD---- C:\$Recycle.Bin
2013-12-06 10:05:54 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2013-12-01 01:35:13 ----D---- C:\Windows\Panther
2013-12-01 01:35:13 ----D---- C:\Windows\Logs
2013-12-01 01:00:03 ----D---- C:\ProgramData\Skype
2013-12-01 01:00:02 ----RD---- C:\Program Files (x86)\Skype
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\migration
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\system32\wbem
2013-11-24 21:59:20 ----D---- C:\Windows\system32\migration
2013-11-24 21:59:20 ----D---- C:\Windows\system32\en-US
2013-11-24 21:59:20 ----D---- C:\Windows\system32\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\PolicyDefinitions
2013-11-19 01:48:56 ----D---- C:\Program Files\Microsoft Security Client
2013-11-19 01:48:56 ----D---- C:\Program Files (x86)\Microsoft Security Client
2013-11-14 17:58:33 ----D---- C:\Program Files\Google
2013-11-14 17:52:31 ----D---- C:\Windows\SoftwareDistribution
2013-11-14 17:52:17 ----D---- C:\ProgramData\Google
2013-11-04 23:44:42 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-11-04 14:42:48 ----SD---- C:\ProgramData\Microsoft
2013-11-02 16:24:46 ----D---- C:\Users\sabina\AppData\Roaming\NVIDIA
2013-11-02 15:17:49 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-24 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-24 207904]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 248240]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-24 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-24 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-24 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-17 283064]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-24 78648]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 134944]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-24 79672]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-10-23 77144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-02 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-02 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-19 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1255736]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Spomalený internet,YT videa nefungujú atď.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
sabrina.sms
- Návštěvník
- Příspěvky: 21
- Registrován: 25 led 2014 18:53
-
sabrina.sms
- Návštěvník
- Příspěvky: 21
- Registrován: 25 led 2014 18:53
Re: Spomalený internet,YT videa nefungujú atď.
OTL logfile created on: 30. 1. 2014 20:10:19 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
7,99 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 80,75% Memory free
15,98 Gb Paging File | 14,11 Gb Available in Paging File | 88,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 757,38 Gb Free Space | 81,31% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,74 Mb Free Space | 84,75% Space Free | Partition Type: NTFS
Computer Name: SABINA-PC | User Name: sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/28 17:50:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
PRC - [2014/01/24 17:30:41 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/24 17:30:41 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/23 06:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/07/23 23:57:42 | 002,251,360 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/24 17:30:44 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/01/23 06:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014/01/23 06:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014/01/23 06:56:02 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
MOD - [2014/01/23 06:56:01 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
MOD - [2014/01/23 06:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2014/01/20 19:33:52 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/01/24 17:30:41 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/02 15:09:38 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/04 14:40:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:09:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/26 02:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/01/24 17:31:18 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/01/24 17:30:46 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/01/24 17:30:46 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/01/24 17:30:46 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/24 17:30:46 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/01/24 17:30:46 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/01/24 17:30:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/10/17 15:28:00 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/07 18:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012/10/23 17:40:32 | 000,077,144 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2012/04/18 18:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 06:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/13 21:05:55 | 000,056,448 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/11/13 13:31:16 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 E9 63 A7 07 A1 CE 01 [binary data]
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... KB_skSK550
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\4FC19F7FF664411CBBCAA3FC5CA6E9E0: "URL" = http://www.google.com/search?q={searchT ... KB_skSK550
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/24 17:30:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2014/01/24 17:39:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/11/04 14:31:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sabina\AppData\Roaming\mozilla\Extensions
[2013/11/04 14:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/04 14:29:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... KB_skSK550
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Disabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
CHR - Extension: Dokumenty Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Skype Click to Call = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/01/27 22:53:49 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe ()
O4 - HKLM..\Run: [MSStp] C:\Windows\SysWOW64\msstp.vbe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [Windows] C:\Users\Public\Public Documents\Windows Movie Player\player.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0633A4ED-B8AD-4751-85E4-4ACA2A19E5C2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26bb5e3d-3722-11e3-90cf-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{26bb5e3d-3722-11e3-90cf-d43d7e277f36}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{55e94e70-4dfe-11e3-8fe5-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{55e94e70-4dfe-11e3-8fe5-d43d7e277f36}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{a4227617-7eab-11e3-bf9c-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{a4227617-7eab-11e3-bf9c-d43d7e277f36}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/01/28 22:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2014/01/28 17:52:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/28 17:50:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
[2014/01/27 18:00:02 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\klamar
[2014/01/27 15:28:50 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\RK_Quarantine
[2014/01/27 13:25:37 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\Nový priečinok (2)
[2014/01/25 22:44:02 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\zaloha
[2014/01/25 21:26:24 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Malwarebytes
[2014/01/25 21:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/25 21:26:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/25 21:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/25 21:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/25 19:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 19:28:24 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/24 17:39:38 | 000,077,144 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys
[2014/01/24 17:39:33 | 000,150,648 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2014/01/24 17:39:32 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2014/01/24 17:39:31 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2014/01/24 17:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2014/01/24 17:31:55 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2014/01/24 17:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2014/01/24 17:31:25 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/24 17:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/24 17:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2014/01/24 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/24 17:30:58 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/24 17:30:56 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 17:30:56 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 17:30:56 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 17:30:55 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 17:30:53 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 17:30:45 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/24 17:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/24 17:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/24 17:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Company
[2014/01/24 17:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/24 17:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/23 16:54:01 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\telenovela
[2014/01/20 21:54:36 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Origin
[2014/01/20 21:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/01/20 19:33:55 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/20 19:33:54 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/19 12:31:44 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\Carrie.2013.720p.BluRay.x264-SPARKS
[2014/01/19 12:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/16 00:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2014/01/16 00:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/01/16 00:09:15 | 000,000,000 | ---D | C] -- C:\Temp
[2014/01/15 11:45:20 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 11:45:20 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/15 11:45:18 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/13 17:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2014/01/13 17:46:04 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\HpUpdate
[2014/01/13 17:45:52 | 000,755,744 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPMC211.dll
[2014/01/13 17:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/01/13 17:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/01/13 17:44:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/01/13 17:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/01/13 17:43:26 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Local\HP
[2014/01/09 15:54:46 | 000,000,000 | ---D | C] -- C:\Users\sabina\Documents\Electronic Arts
[2014/01/09 15:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Catalyst
[2014/01/09 08:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2014/01/09 08:18:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014/01/09 08:18:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014/01/09 08:18:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014/01/09 08:18:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014/01/09 08:18:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014/01/09 08:18:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014/01/09 08:18:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014/01/09 08:18:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014/01/09 08:18:55 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014/01/09 08:18:55 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014/01/09 08:18:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014/01/09 08:18:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014/01/09 08:18:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014/01/09 08:18:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014/01/09 08:18:53 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014/01/09 08:18:53 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014/01/09 08:18:51 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014/01/09 08:18:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014/01/09 08:18:51 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014/01/09 08:18:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014/01/09 08:18:50 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014/01/09 08:18:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014/01/09 08:18:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014/01/09 08:18:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014/01/09 08:18:49 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014/01/09 08:18:49 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014/01/09 08:18:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014/01/09 08:18:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014/01/09 08:18:47 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014/01/09 08:18:47 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014/01/09 08:18:46 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014/01/09 08:18:46 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014/01/09 08:18:46 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014/01/09 08:18:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014/01/09 08:18:45 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014/01/09 08:18:45 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014/01/09 08:18:44 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014/01/09 08:18:44 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014/01/09 08:18:43 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014/01/09 08:18:43 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014/01/09 08:18:43 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014/01/09 08:18:43 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014/01/09 08:18:42 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014/01/09 08:18:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014/01/09 08:18:41 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014/01/09 08:18:41 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014/01/09 08:18:41 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014/01/09 08:18:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014/01/09 08:18:40 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014/01/09 08:18:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/01/09 08:18:39 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014/01/09 08:18:39 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014/01/09 08:18:39 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014/01/09 08:18:39 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014/01/09 08:18:38 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014/01/09 08:18:38 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014/01/09 08:18:38 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014/01/09 08:18:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014/01/09 08:18:37 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014/01/09 08:18:37 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014/01/09 08:18:29 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014/01/09 08:18:29 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014/01/09 08:18:28 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014/01/09 08:18:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014/01/09 08:18:28 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014/01/09 08:18:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014/01/09 08:18:27 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014/01/09 08:18:27 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014/01/09 08:18:26 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014/01/09 08:18:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014/01/09 08:18:25 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014/01/09 08:18:25 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014/01/09 08:18:24 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014/01/09 08:18:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014/01/09 08:18:23 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014/01/09 08:18:23 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014/01/09 08:18:22 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014/01/09 08:18:22 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014/01/08 23:37:33 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\sims
[2014/01/03 00:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skillbrains
[2014/01/03 00:45:34 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
[2014/01/03 00:45:31 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Local\Skillbrains
[2014/01/03 00:45:11 | 002,727,456 | ---- | C] (Skillbrains ) -- C:\Users\sabina\Desktop\setup-lightshot.exe
[2014/01/02 03:33:23 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\slender man
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\sabina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy
7,99 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 80,75% Memory free
15,98 Gb Paging File | 14,11 Gb Available in Paging File | 88,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 757,38 Gb Free Space | 81,31% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 84,74 Mb Free Space | 84,75% Space Free | Partition Type: NTFS
Computer Name: SABINA-PC | User Name: sabina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/28 17:50:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
PRC - [2014/01/24 17:30:41 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/24 17:30:41 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/23 06:57:02 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/07/23 23:57:42 | 002,251,360 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winamp.exe
PRC - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
========== Modules (No Company Name) ==========
MOD - [2014/01/24 17:30:44 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/01/23 06:57:00 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppgooglenaclpluginchrome.dll
MOD - [2014/01/23 06:56:56 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
MOD - [2014/01/23 06:56:02 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libglesv2.dll
MOD - [2014/01/23 06:56:01 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\libegl.dll
MOD - [2014/01/23 06:55:58 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ffmpegsumo.dll
MOD - [2014/01/20 19:33:52 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/01/24 17:30:41 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/26 10:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/11/02 15:09:38 | 001,038,088 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/05/04 14:40:36 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2013/12/21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/02 15:09:28 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/10/26 02:53:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/09 09:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/25 23:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/01/18 07:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/07 18:27:50 | 000,167,424 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012/10/23 17:40:06 | 000,580,728 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/01/24 17:31:18 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/01/24 17:30:46 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/01/24 17:30:46 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/01/24 17:30:46 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/24 17:30:46 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/01/24 17:30:46 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/01/24 17:30:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/10/17 15:28:00 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/07 18:27:50 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2012/10/23 17:40:32 | 000,077,144 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)
DRV:64bit: - [2012/04/18 18:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 06:42:00 | 000,676,968 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/01/13 21:05:55 | 000,056,448 | R--- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2011/11/13 13:31:16 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 76 E9 63 A7 07 A1 CE 01 [binary data]
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... KB_skSK550
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\4FC19F7FF664411CBBCAA3FC5CA6E9E0: "URL" = http://www.google.com/search?q={searchT ... KB_skSK550
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/24 17:30:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2014/01/24 17:39:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013/11/04 14:31:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\sabina\AppData\Roaming\mozilla\Extensions
[2013/11/04 14:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/11/04 14:29:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchT ... KB_skSK550
CHR - default_search_provider: suggest_url = ,
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Disabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Disabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Disabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
CHR - Extension: Dokumenty Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: H\u013Eada\u0165 v Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Skype Click to Call = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.13.0.13771_0\
CHR - Extension: Pe\u0148a\u017Eenka Google = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\sabina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2014/01/27 22:53:49 | 000,000,741 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Printsrv] c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs File not found
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe ()
O4 - HKLM..\Run: [MSStp] C:\Windows\SysWOW64\msstp.vbe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [Windows] C:\Users\Public\Public Documents\Windows Movie Player\player.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0633A4ED-B8AD-4751-85E4-4ACA2A19E5C2}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{26bb5e3d-3722-11e3-90cf-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{26bb5e3d-3722-11e3-90cf-d43d7e277f36}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{55e94e70-4dfe-11e3-8fe5-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{55e94e70-4dfe-11e3-8fe5-d43d7e277f36}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\{a4227617-7eab-11e3-bf9c-d43d7e277f36}\Shell - "" = AutoRun
O33 - MountPoints2\{a4227617-7eab-11e3-bf9c-d43d7e277f36}\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\HTC_Sync_Manager_PC.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\HTC_Sync_Manager_PC.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/01/28 22:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2014/01/28 17:52:01 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/28 17:50:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
[2014/01/27 18:00:02 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\klamar
[2014/01/27 15:28:50 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\RK_Quarantine
[2014/01/27 13:25:37 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\Nový priečinok (2)
[2014/01/25 22:44:02 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\zaloha
[2014/01/25 21:26:24 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Malwarebytes
[2014/01/25 21:26:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/25 21:26:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/25 21:26:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/25 21:26:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/01/25 19:28:24 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/01/25 19:28:24 | 000,000,000 | ---D | C] -- C:\rsit
[2014/01/24 17:39:38 | 000,077,144 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys
[2014/01/24 17:39:33 | 000,150,648 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll
[2014/01/24 17:39:32 | 002,280,568 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll
[2014/01/24 17:39:31 | 001,690,744 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll
[2014/01/24 17:37:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2014/01/24 17:31:55 | 000,253,256 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2014/01/24 17:31:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2014/01/24 17:31:25 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/24 17:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/24 17:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2014/01/24 17:30:59 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/24 17:30:58 | 000,079,672 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/24 17:30:56 | 001,034,464 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 17:30:56 | 000,422,216 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 17:30:56 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 17:30:55 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 17:30:53 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 17:30:45 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/24 17:30:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/24 17:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/24 17:25:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Company
[2014/01/24 17:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/24 17:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/23 16:54:01 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\telenovela
[2014/01/20 21:54:36 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Origin
[2014/01/20 21:53:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/01/20 19:33:55 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/20 19:33:54 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/19 12:31:44 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\Carrie.2013.720p.BluRay.x264-SPARKS
[2014/01/19 12:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/16 00:09:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2014/01/16 00:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2014/01/16 00:09:15 | 000,000,000 | ---D | C] -- C:\Temp
[2014/01/15 11:45:20 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2014/01/15 11:45:20 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2014/01/15 11:45:18 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2014/01/13 17:46:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2014/01/13 17:46:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP Photo Creations
[2014/01/13 17:46:04 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\HpUpdate
[2014/01/13 17:45:52 | 000,755,744 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\HPDiscoPMC211.dll
[2014/01/13 17:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2014/01/13 17:45:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014/01/13 17:44:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2014/01/13 17:44:02 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2014/01/13 17:43:26 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Local\HP
[2014/01/09 15:54:46 | 000,000,000 | ---D | C] -- C:\Users\sabina\Documents\Electronic Arts
[2014/01/09 15:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Catalyst
[2014/01/09 08:19:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2014/01/09 08:18:58 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2014/01/09 08:18:58 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2014/01/09 08:18:57 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2014/01/09 08:18:57 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2014/01/09 08:18:57 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2014/01/09 08:18:57 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2014/01/09 08:18:55 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2014/01/09 08:18:55 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2014/01/09 08:18:55 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2014/01/09 08:18:55 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2014/01/09 08:18:54 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2014/01/09 08:18:54 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2014/01/09 08:18:54 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2014/01/09 08:18:54 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2014/01/09 08:18:53 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2014/01/09 08:18:53 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2014/01/09 08:18:51 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2014/01/09 08:18:51 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2014/01/09 08:18:51 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2014/01/09 08:18:51 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2014/01/09 08:18:50 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2014/01/09 08:18:50 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2014/01/09 08:18:50 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2014/01/09 08:18:50 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2014/01/09 08:18:49 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2014/01/09 08:18:49 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2014/01/09 08:18:48 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2014/01/09 08:18:48 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2014/01/09 08:18:47 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2014/01/09 08:18:47 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2014/01/09 08:18:46 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2014/01/09 08:18:46 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2014/01/09 08:18:46 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2014/01/09 08:18:46 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2014/01/09 08:18:45 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2014/01/09 08:18:45 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2014/01/09 08:18:44 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2014/01/09 08:18:44 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2014/01/09 08:18:43 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2014/01/09 08:18:43 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2014/01/09 08:18:43 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2014/01/09 08:18:43 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2014/01/09 08:18:42 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2014/01/09 08:18:42 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2014/01/09 08:18:41 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2014/01/09 08:18:41 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2014/01/09 08:18:41 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2014/01/09 08:18:41 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2014/01/09 08:18:40 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2014/01/09 08:18:40 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2014/01/09 08:18:39 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2014/01/09 08:18:39 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2014/01/09 08:18:39 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2014/01/09 08:18:39 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2014/01/09 08:18:38 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2014/01/09 08:18:38 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2014/01/09 08:18:38 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2014/01/09 08:18:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2014/01/09 08:18:37 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2014/01/09 08:18:37 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2014/01/09 08:18:29 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2014/01/09 08:18:29 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2014/01/09 08:18:28 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2014/01/09 08:18:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2014/01/09 08:18:28 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2014/01/09 08:18:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2014/01/09 08:18:27 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2014/01/09 08:18:27 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2014/01/09 08:18:26 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2014/01/09 08:18:26 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2014/01/09 08:18:25 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2014/01/09 08:18:25 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2014/01/09 08:18:24 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2014/01/09 08:18:24 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2014/01/09 08:18:23 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2014/01/09 08:18:23 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2014/01/09 08:18:22 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2014/01/09 08:18:22 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2014/01/08 23:37:33 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\sims
[2014/01/03 00:45:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skillbrains
[2014/01/03 00:45:34 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
[2014/01/03 00:45:31 | 000,000,000 | ---D | C] -- C:\Users\sabina\AppData\Local\Skillbrains
[2014/01/03 00:45:11 | 002,727,456 | ---- | C] (Skillbrains ) -- C:\Users\sabina\Desktop\setup-lightshot.exe
[2014/01/02 03:33:23 | 000,000,000 | ---D | C] -- C:\Users\sabina\Desktop\slender man
-
sabrina.sms
- Návštěvník
- Příspěvky: 21
- Registrován: 25 led 2014 18:53
Re: Spomalený internet,YT videa nefungujú atď.
========== Files - Modified Within 30 Days ==========
[2014/01/30 20:12:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/30 20:08:36 | 000,935,175 | ---- | M] () -- C:\Users\sabina\Desktop\RSITx64.exe
[2014/01/30 16:45:19 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/30 16:45:19 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/30 16:45:19 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/30 08:09:33 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/30 08:09:33 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/30 08:03:57 | 000,000,860 | ---- | M] () -- C:\Users\sabina\rgmnr
[2014/01/30 08:02:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/30 08:01:58 | 2140,159,999 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/29 18:40:06 | 1537,034,240 | ---- | M] () -- C:\Users\sabina\Desktop\Lovci myšlenek.avi
[2014/01/29 18:36:49 | 005,166,271 | ---- | M] () -- C:\Users\sabina\Desktop\Son-by-four---Cuando-seas-mía-(dlouhá-verze).mp3
[2014/01/28 22:30:44 | 000,781,383 | ---- | M] () -- C:\Users\sabina\Desktop\RSIT.exe
[2014/01/28 19:20:58 | 731,895,808 | ---- | M] () -- C:\Users\sabina\Desktop\Sexy party 1.avi
[2014/01/28 17:50:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
[2014/01/28 14:31:13 | 000,015,311 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Lovci_myslenek_Mindhunters_2004_.torrent
[2014/01/28 14:24:55 | 781,099,008 | ---- | M] () -- C:\Users\sabina\Desktop\Nepřítel pod ochranou.avi
[2014/01/28 12:59:20 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/27 18:31:36 | 941,850,150 | ---- | M] () -- C:\Users\sabina\Desktop\Ve jménu Angela.avi
[2014/01/27 17:59:52 | 000,024,003 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Klamari_Lie_to_me_1_serie_SK_.torrent
[2014/01/27 15:28:28 | 003,792,384 | ---- | M] () -- C:\Users\sabina\Desktop\RogueKiller (1).exe
[2014/01/27 15:22:48 | 003,792,384 | ---- | M] () -- C:\Users\sabina\Desktop\RogueKiller.exe
[2014/01/25 21:26:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/25 19:58:59 | 910,028,612 | ---- | M] () -- C:\Users\sabina\Desktop\Případ číslo 39.avi
[2014/01/25 14:09:06 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/24 17:32:24 | 002,015,705 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/24 17:31:18 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/24 17:31:05 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014/01/24 17:30:46 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 17:30:46 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 17:30:46 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 17:30:46 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 17:30:46 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 17:30:46 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 17:30:46 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/24 17:30:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/20 19:33:55 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/20 19:33:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/19 12:28:08 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/17 11:42:00 | 001,220,902 | ---- | M] () -- C:\Users\sabina\Desktop\komunitny_plan_socialnych_sluzieb_mesta_pe_2012_2022.pdf
[2014/01/17 00:14:44 | 000,227,597 | ---- | M] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc (1).pdf
[2014/01/16 16:36:08 | 000,195,896 | ---- | M] () -- C:\Users\sabina\Desktop\Antrag_auf_Ausstellung_des_Formulares_E_106.pdf
[2014/01/16 13:42:56 | 003,031,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/15 00:51:13 | 035,322,222 | ---- | M] () -- C:\Users\sabina\Desktop\psdjosip.rar
[2014/01/14 13:20:29 | 000,418,788 | ---- | M] () -- C:\Users\sabina\Desktop\Vko prelozenie ziv..jpg
[2014/01/14 12:48:49 | 000,042,621 | ---- | M] () -- C:\Users\sabina\Desktop\Standortverlegung-Formular.pdf
[2014/01/14 12:43:14 | 000,183,959 | ---- | M] () -- C:\Users\sabina\Desktop\hela-SZ.zip
[2014/01/13 19:03:59 | 000,526,382 | ---- | M] () -- C:\Users\sabina\Desktop\Scan.jpg
[2014/01/13 17:49:48 | 000,000,764 | ---- | M] () -- C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:46:31 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/13 17:45:51 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
[2014/01/13 17:45:51 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
[2014/01/13 17:43:58 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2014/01/13 10:25:54 | 000,001,418 | --S- | M] () -- C:\Windows\SysWow64\msstp.vbe
[2014/01/13 00:27:33 | 000,227,597 | ---- | M] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc.pdf
[2014/01/03 02:06:20 | 1963,524,096 | ---- | M] () -- C:\Users\sabina\Desktop\Válka Bohů.avi
[2014/01/03 00:45:37 | 000,000,443 | ---- | M] () -- C:\Users\sabina\AppData\Local\UserProducts.xml
[2014/01/03 00:45:37 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2014/01/03 00:45:21 | 002,727,456 | ---- | M] (Skillbrains ) -- C:\Users\sabina\Desktop\setup-lightshot.exe
[2014/01/01 22:21:18 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
========== Files Created - No Company Name ==========
[2014/01/30 20:08:29 | 000,935,175 | ---- | C] () -- C:\Users\sabina\Desktop\RSITx64.exe
[2014/01/29 18:35:56 | 005,166,271 | ---- | C] () -- C:\Users\sabina\Desktop\Son-by-four---Cuando-seas-mía-(dlouhá-verze).mp3
[2014/01/28 22:30:41 | 000,781,383 | ---- | C] () -- C:\Users\sabina\Desktop\RSIT.exe
[2014/01/28 21:59:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/28 14:31:45 | 1537,034,240 | ---- | C] () -- C:\Users\sabina\Desktop\Lovci myšlenek.avi
[2014/01/28 14:31:12 | 000,015,311 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Lovci_myslenek_Mindhunters_2004_.torrent
[2014/01/28 14:27:14 | 731,895,808 | ---- | C] () -- C:\Users\sabina\Desktop\Sexy party 1.avi
[2014/01/28 14:12:13 | 781,099,008 | ---- | C] () -- C:\Users\sabina\Desktop\Nepřítel pod ochranou.avi
[2014/01/27 17:59:52 | 000,024,003 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Klamari_Lie_to_me_1_serie_SK_.torrent
[2014/01/27 15:28:26 | 003,792,384 | ---- | C] () -- C:\Users\sabina\Desktop\RogueKiller (1).exe
[2014/01/27 15:22:47 | 003,792,384 | ---- | C] () -- C:\Users\sabina\Desktop\RogueKiller.exe
[2014/01/25 21:26:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/25 19:25:15 | 910,028,612 | ---- | C] () -- C:\Users\sabina\Desktop\Případ číslo 39.avi
[2014/01/24 19:47:26 | 000,000,860 | ---- | C] () -- C:\Users\sabina\rgmnr
[2014/01/24 17:39:34 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2014/01/24 17:39:33 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2014/01/24 17:39:33 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2014/01/24 17:39:33 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2014/01/24 17:39:33 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2014/01/24 17:32:14 | 002,015,705 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/24 17:31:22 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/24 17:31:05 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014/01/24 17:30:58 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 17:30:56 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/24 17:25:22 | 000,001,418 | --S- | C] () -- C:\Windows\SysWow64\msstp.vbe
[2014/01/23 21:29:17 | 941,850,150 | ---- | C] () -- C:\Users\sabina\Desktop\Ve jménu Angela.avi
[2014/01/19 12:28:08 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/19 12:21:30 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/17 11:41:57 | 001,220,902 | ---- | C] () -- C:\Users\sabina\Desktop\komunitny_plan_socialnych_sluzieb_mesta_pe_2012_2022.pdf
[2014/01/17 00:14:44 | 000,227,597 | ---- | C] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc (1).pdf
[2014/01/16 16:36:08 | 000,195,896 | ---- | C] () -- C:\Users\sabina\Desktop\Antrag_auf_Ausstellung_des_Formulares_E_106.pdf
[2014/01/15 00:50:47 | 035,322,222 | ---- | C] () -- C:\Users\sabina\Desktop\psdjosip.rar
[2014/01/14 13:19:59 | 000,418,788 | ---- | C] () -- C:\Users\sabina\Desktop\Vko prelozenie ziv..jpg
[2014/01/14 12:48:48 | 000,042,621 | ---- | C] () -- C:\Users\sabina\Desktop\Standortverlegung-Formular.pdf
[2014/01/14 12:43:11 | 000,183,959 | ---- | C] () -- C:\Users\sabina\Desktop\hela-SZ.zip
[2014/01/13 19:03:30 | 000,526,382 | ---- | C] () -- C:\Users\sabina\Desktop\Scan.jpg
[2014/01/13 17:49:48 | 000,000,764 | ---- | C] () -- C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:46:31 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/13 17:45:51 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
[2014/01/13 17:45:51 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
[2014/01/13 17:43:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/01/13 00:27:32 | 000,227,597 | ---- | C] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc.pdf
[2014/01/03 01:41:48 | 1963,524,096 | ---- | C] () -- C:\Users\sabina\Desktop\Válka Bohů.avi
[2014/01/03 00:45:37 | 000,000,443 | ---- | C] () -- C:\Users\sabina\AppData\Local\UserProducts.xml
[2014/01/03 00:45:37 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\update-sys.job
[2013/09/18 15:40:56 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013/09/18 15:40:55 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013/09/18 15:40:55 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013/09/18 15:40:55 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013/09/18 15:40:55 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013/09/18 15:40:55 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013/09/18 15:40:55 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013/09/18 15:40:55 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013/09/18 15:40:55 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013/09/18 15:40:55 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013/09/18 15:40:55 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013/09/18 15:40:55 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013/09/18 15:40:55 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013/09/18 15:40:54 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013/09/18 15:40:54 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013/09/18 15:40:54 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013/09/18 15:40:54 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013/09/18 15:40:54 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013/09/18 15:40:54 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013/09/18 15:22:29 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX6000EFDG.ini
[2013/09/09 12:09:23 | 000,000,000 | ---- | C] () -- C:\Users\sabina\regbcm
[2012/05/04 14:37:46 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/11/14 18:53:11 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AnvSoft
[2014/01/24 17:31:25 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/07 21:43:50 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\CoreFTP
[2014/01/19 01:01:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
[2013/08/25 15:01:31 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\LolClient
[2013/11/02 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Notepad++
[2013/08/24 21:52:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\OpenCandy
[2014/01/20 21:59:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Origin
[2013/08/25 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Riot Games
[2013/10/27 21:37:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Seznam.cz
[2014/01/24 17:30:59 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/29 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/01/03 00:45:36 | 000,000,390 | ---- | C] () -- C:\Windows\Tasks\update-sys.job
[2014/01/03 00:45:37 | 000,000,390 | ---- | C] () -- C:\Windows\Tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | C] () -- C:\Windows\Tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | C] () -- C:\Windows\Tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:48 | 000,000,764 | ---- | C] () -- C:\Windows\Tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/19 12:28:08 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/24 17:31:05 | 000,000,350 | -H-- | C] () -- C:\Windows\Tasks\avast! Emergency Update.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[11 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\*.tmp -> ]
[33 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/12/31 00:19:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Adobe
[2013/11/14 18:53:11 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AnvSoft
[2013/11/14 08:34:48 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Apple Computer
[2014/01/24 17:31:25 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/07 21:43:50 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\CoreFTP
[2014/01/19 01:01:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
[2014/01/20 19:30:52 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\HpUpdate
[2013/08/24 21:14:15 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Identities
[2013/08/25 15:01:31 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\LolClient
[2013/08/24 21:26:09 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Macromedia
[2014/01/25 21:26:24 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Malwarebytes
[2011/04/12 09:45:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Media Center Programs
[2013/12/06 10:05:54 | 000,000,000 | --SD | M] -- C:\Users\sabina\AppData\Roaming\Microsoft
[2013/11/04 14:31:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Mozilla
[2013/11/02 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Notepad++
[2013/11/02 16:24:46 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\NVIDIA
[2013/08/24 21:52:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\OpenCandy
[2014/01/20 21:59:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Origin
[2013/08/25 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Riot Games
[2013/10/26 00:11:21 | 000,000,000 | RH-D | M] -- C:\Users\sabina\AppData\Roaming\SecuROM
[2013/10/27 21:37:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Seznam.cz
[2013/12/24 01:47:14 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Skype
[2014/01/24 17:30:59 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/29 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\uTorrent
[2014/01/20 21:52:45 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\vlc
[2014/01/29 18:35:53 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Winamp
[2013/09/11 13:49:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2013/08/24 21:52:55 | 000,914,400 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\OpenCandy\B1D771663B804D1C8EA16D4FF9C4CA3F\PasswordBoxCHSTORE_p1v0.exe
[2013/05/16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013/04/16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011/12/19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\sabina\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013/04/16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014/01/24 17:31:05 | 000,000,350 | -H-- | M] () -- C:\Windows\Tasks\avast! Emergency Update.job
[2014/01/19 12:28:08 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/13 17:49:48 | 000,000,764 | ---- | M] () -- C:\Windows\Tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | M] () -- C:\Windows\Tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/03 00:45:37 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\update-sys.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
[2008/08/07 11:28:04 | 001,159,409 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2008/03/04 01:53:00 | 000,380,612 | ---- | M] () -- \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe
[2008/11/24 20:41:12 | 002,017,792 | ---- | M] () -- \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc
[2014/01/24 17:25:23 | 000,001,581 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk
[2014/01/24 17:25:23 | 000,001,581 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk
[2013/09/14 14:19:04 | 003,081,184 | ---- | M] () -- \Users\sabina\Desktop\zaloha\Music\Freestylers---Cracks-(Ft-Belle-Humble)-(Flux-Pavilion-Remix).mp3
< *keygen* /s >
[2013/11/02 14:36:47 | 000,025,669 | ---- | M] () -- \Users\sabina\AppData\Roaming\uTorrent\Adobe Photoshop CS4 + Keygen.rar.torrent
[2013/11/02 14:54:36 | 1339,820,827 | ---- | M] () -- \Users\sabina\Downloads\Adobe Photoshop CS4 + Keygen.rar
< *AntiWPA* /s >
< *loader* /s >
[2008/09/03 02:14:34 | 000,217,088 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2008/08/28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008/08/28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008/08/28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008/08/26 01:32:24 | 000,217,088 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2013/08/29 15:23:40 | 000,078,336 | ---- | M] () -- \Program Files (x86)\AnvSoft\Any Video Converter\AVCDownloader.dll
[2008/08/14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2013/04/21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009/10/06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Deskjet 2540 series\bin\HelpViewer\Resources\Loader.gif
[2003/07/03 23:38:00 | 000,006,995 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoader.xs
[2003/07/03 23:37:36 | 000,002,522 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderaggboom.xs
[2003/07/03 23:37:28 | 000,002,734 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderbalanced.xs
[2003/07/03 23:37:18 | 000,002,486 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderboom.xs
[2003/07/03 23:37:08 | 000,002,522 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderdefboom.xs
[2003/07/03 23:37:04 | 000,002,491 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderdefrush.xs
[2003/07/03 23:36:56 | 000,002,494 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderecorush.xs
[2003/07/03 23:36:50 | 000,002,488 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderrush.xs
[2011/02/21 12:35:14 | 000,107,520 | ---- | M] () -- \Program Files (x86)\Mio\MioMore Desktop 7.30\MiniDownloaderSvr.dll
[2011/07/18 22:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2011/10/17 13:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011/10/17 12:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011/11/06 10:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011/11/10 14:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011/09/23 23:19:26 | 000,228,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\ubiorbitapi_r2_loader.dll
[2011/08/30 14:21:56 | 000,171,320 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\uplay_r1_loader.dll
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/11/11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/08/25 14:06:34 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.69\deploy\assets\storeImages\layout\small_loader.gif
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/11/11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/09/27 13:40:02 | 000,492,832 | ---- | M] () -- \Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\uploader.dll
[2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\bin\25288libfoxloader.dll
[2013/04/15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\bin\25291libfoxloader-x64.dll
[2013/10/17 15:29:30 | 000,000,165 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/03/25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2010/09/21 07:45:44 | 002,639,424 | ---- | M] () -- \Users\sabina\Desktop\wow\BackgroundDownloader.exe
[2010/01/11 14:17:16 | 000,003,026 | ---- | M] () -- \Users\sabina\Desktop\wow\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2010/01/11 14:17:16 | 000,004,261 | ---- | M] () -- \Users\sabina\Desktop\wow\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010/10/10 07:58:20 | 000,000,381 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\Prat-3.0\pullouts\Prat-3.0_Loader\Prat-3.0_Loader.toc
[2012/11/24 22:57:56 | 000,099,505 | ---- | M] () -- \Users\sabina\Desktop\wow\Logs\Downloader.log
[2013/10/28 11:34:42 | 000,001,705 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\loader.php
[2013/10/28 11:35:00 | 000,003,423 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Config\Loader.php
[2013/10/28 11:35:46 | 000,001,892 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Loaders\AutoLoader.php
[2013/10/28 11:35:46 | 000,004,358 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Loaders\NetteLoader.php
[2013/10/28 11:35:46 | 000,009,974 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Loaders\RobotLoader.php
[2013/10/17 15:37:17 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 10:26:26 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2011/06/03 10:26:26 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2011/06/03 10:26:26 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2011/06/03 10:26:26 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2011/06/03 10:26:26 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013/08/26 00:23:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/08/26 00:23:45 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/08/26 00:23:45 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/08/26 00:23:45 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/08/26 00:23:46 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/06/03 10:24:25 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
[2008/08/14 07:56:12 | 000,003,942 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008/08/14 07:56:10 | 000,001,489 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class
< *serial* /s >
[2008/09/02 22:16:36 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\BadSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\CantChangeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ReserializeAlert.exv
[2008/09/02 22:16:36 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\SerializationWF.exv
[2008/09/02 22:16:36 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\BadSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\ReserializeAlert.exv
[2008/09/02 22:16:36 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\SerializationWF.exv
[2008/09/02 22:16:38 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\BadSerialNumberAlert.exv
[2008/09/02 22:16:38 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2008/09/02 22:16:38 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2008/09/02 22:16:38 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\ReserializeAlert.exv
[2008/09/02 22:16:38 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\SerializationWF.exv
[2008/08/28 16:40:42 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/28 16:40:42 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/28 16:40:42 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/28 16:40:42 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008/08/28 16:40:42 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008/08/06 10:45:18 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/06 10:45:18 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/06 10:45:18 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/06 10:45:18 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008/08/06 10:45:18 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008/09/19 04:10:54 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008/09/19 04:10:54 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008/09/19 04:10:54 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008/09/19 04:10:54 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008/09/19 04:10:54 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008/08/14 07:56:46 | 000,059,514 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008/09/19 04:22:30 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\BadSerialNumberAlert.exv
[2008/09/19 04:22:30 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\CantChangeSerialNumberAlert.exv
[2008/09/19 04:22:30 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008/09/19 04:22:30 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\ReserializeAlert.exv
[2008/09/19 04:22:30 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\SerializationWF.exv
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/10/26 12:37:10 | 000,000,246 | ---- | M] () -- \Users\sabina\AppData\Local\Rockstar Games\GTA IV\Settings\serial.dat
[2010/08/02 19:53:02 | 000,008,786 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/08/02 19:53:02 | 000,000,216 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/12/25 12:06:30 | 000,008,824 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2009/12/25 12:06:30 | 000,000,219 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/26 14:23:10 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/26 14:23:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/08/27 06:15:40 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/27 06:16:29 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/10/10 16:33:55 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013/08/26 14:27:00 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/26 14:29:04 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013/10/10 06:23:31 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013/08/27 06:25:30 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013/08/27 06:25:41 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/27 06:29:22 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013/10/10 00:06:21 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/10 00:06:20 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/10 00:06:24 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011/06/03 10:25:46 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/06/03 10:25:46 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2011/06/03 10:25:45 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/06/03 10:25:53 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/08/26 00:23:46 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/08/26 00:23:46 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/06/03 10:26:25 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/06/03 10:26:25 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/06/03 10:25:01 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/06/03 10:25:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
[2014/01/30 20:12:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/01/30 20:08:36 | 000,935,175 | ---- | M] () -- C:\Users\sabina\Desktop\RSITx64.exe
[2014/01/30 16:45:19 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/30 16:45:19 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/30 16:45:19 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/30 08:09:33 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/30 08:09:33 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/30 08:03:57 | 000,000,860 | ---- | M] () -- C:\Users\sabina\rgmnr
[2014/01/30 08:02:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/30 08:01:58 | 2140,159,999 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/29 18:40:06 | 1537,034,240 | ---- | M] () -- C:\Users\sabina\Desktop\Lovci myšlenek.avi
[2014/01/29 18:36:49 | 005,166,271 | ---- | M] () -- C:\Users\sabina\Desktop\Son-by-four---Cuando-seas-mía-(dlouhá-verze).mp3
[2014/01/28 22:30:44 | 000,781,383 | ---- | M] () -- C:\Users\sabina\Desktop\RSIT.exe
[2014/01/28 19:20:58 | 731,895,808 | ---- | M] () -- C:\Users\sabina\Desktop\Sexy party 1.avi
[2014/01/28 17:50:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\sabina\Desktop\OTL.exe
[2014/01/28 14:31:13 | 000,015,311 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Lovci_myslenek_Mindhunters_2004_.torrent
[2014/01/28 14:24:55 | 781,099,008 | ---- | M] () -- C:\Users\sabina\Desktop\Nepřítel pod ochranou.avi
[2014/01/28 12:59:20 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/27 18:31:36 | 941,850,150 | ---- | M] () -- C:\Users\sabina\Desktop\Ve jménu Angela.avi
[2014/01/27 17:59:52 | 000,024,003 | ---- | M] () -- C:\Users\sabina\Desktop\[CzT]Klamari_Lie_to_me_1_serie_SK_.torrent
[2014/01/27 15:28:28 | 003,792,384 | ---- | M] () -- C:\Users\sabina\Desktop\RogueKiller (1).exe
[2014/01/27 15:22:48 | 003,792,384 | ---- | M] () -- C:\Users\sabina\Desktop\RogueKiller.exe
[2014/01/25 21:26:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/25 19:58:59 | 910,028,612 | ---- | M] () -- C:\Users\sabina\Desktop\Případ číslo 39.avi
[2014/01/25 14:09:06 | 000,002,010 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/24 17:32:24 | 002,015,705 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/24 17:31:18 | 000,079,672 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/01/24 17:31:05 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014/01/24 17:30:46 | 001,034,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 17:30:46 | 000,422,216 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 17:30:46 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 17:30:46 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 17:30:46 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 17:30:46 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 17:30:46 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/24 17:30:45 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/20 19:33:55 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/01/20 19:33:54 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/19 12:28:08 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/17 11:42:00 | 001,220,902 | ---- | M] () -- C:\Users\sabina\Desktop\komunitny_plan_socialnych_sluzieb_mesta_pe_2012_2022.pdf
[2014/01/17 00:14:44 | 000,227,597 | ---- | M] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc (1).pdf
[2014/01/16 16:36:08 | 000,195,896 | ---- | M] () -- C:\Users\sabina\Desktop\Antrag_auf_Ausstellung_des_Formulares_E_106.pdf
[2014/01/16 13:42:56 | 003,031,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/15 00:51:13 | 035,322,222 | ---- | M] () -- C:\Users\sabina\Desktop\psdjosip.rar
[2014/01/14 13:20:29 | 000,418,788 | ---- | M] () -- C:\Users\sabina\Desktop\Vko prelozenie ziv..jpg
[2014/01/14 12:48:49 | 000,042,621 | ---- | M] () -- C:\Users\sabina\Desktop\Standortverlegung-Formular.pdf
[2014/01/14 12:43:14 | 000,183,959 | ---- | M] () -- C:\Users\sabina\Desktop\hela-SZ.zip
[2014/01/13 19:03:59 | 000,526,382 | ---- | M] () -- C:\Users\sabina\Desktop\Scan.jpg
[2014/01/13 17:49:48 | 000,000,764 | ---- | M] () -- C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | M] () -- C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:46:31 | 000,001,991 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/13 17:45:51 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
[2014/01/13 17:45:51 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
[2014/01/13 17:43:58 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2014/01/13 10:25:54 | 000,001,418 | --S- | M] () -- C:\Windows\SysWow64\msstp.vbe
[2014/01/13 00:27:33 | 000,227,597 | ---- | M] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc.pdf
[2014/01/03 02:06:20 | 1963,524,096 | ---- | M] () -- C:\Users\sabina\Desktop\Válka Bohů.avi
[2014/01/03 00:45:37 | 000,000,443 | ---- | M] () -- C:\Users\sabina\AppData\Local\UserProducts.xml
[2014/01/03 00:45:37 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2014/01/03 00:45:21 | 002,727,456 | ---- | M] (Skillbrains ) -- C:\Users\sabina\Desktop\setup-lightshot.exe
[2014/01/01 22:21:18 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
========== Files Created - No Company Name ==========
[2014/01/30 20:08:29 | 000,935,175 | ---- | C] () -- C:\Users\sabina\Desktop\RSITx64.exe
[2014/01/29 18:35:56 | 005,166,271 | ---- | C] () -- C:\Users\sabina\Desktop\Son-by-four---Cuando-seas-mía-(dlouhá-verze).mp3
[2014/01/28 22:30:41 | 000,781,383 | ---- | C] () -- C:\Users\sabina\Desktop\RSIT.exe
[2014/01/28 21:59:04 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/01/28 14:31:45 | 1537,034,240 | ---- | C] () -- C:\Users\sabina\Desktop\Lovci myšlenek.avi
[2014/01/28 14:31:12 | 000,015,311 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Lovci_myslenek_Mindhunters_2004_.torrent
[2014/01/28 14:27:14 | 731,895,808 | ---- | C] () -- C:\Users\sabina\Desktop\Sexy party 1.avi
[2014/01/28 14:12:13 | 781,099,008 | ---- | C] () -- C:\Users\sabina\Desktop\Nepřítel pod ochranou.avi
[2014/01/27 17:59:52 | 000,024,003 | ---- | C] () -- C:\Users\sabina\Desktop\[CzT]Klamari_Lie_to_me_1_serie_SK_.torrent
[2014/01/27 15:28:26 | 003,792,384 | ---- | C] () -- C:\Users\sabina\Desktop\RogueKiller (1).exe
[2014/01/27 15:22:47 | 003,792,384 | ---- | C] () -- C:\Users\sabina\Desktop\RogueKiller.exe
[2014/01/25 21:26:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/25 19:25:15 | 910,028,612 | ---- | C] () -- C:\Users\sabina\Desktop\Případ číslo 39.avi
[2014/01/24 19:47:26 | 000,000,860 | ---- | C] () -- C:\Users\sabina\rgmnr
[2014/01/24 17:39:34 | 000,769,144 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2014/01/24 17:39:33 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip
[2014/01/24 17:39:33 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml
[2014/01/24 17:39:33 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml
[2014/01/24 17:39:33 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip
[2014/01/24 17:32:14 | 002,015,705 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2014/01/24 17:31:22 | 000,002,010 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/24 17:31:05 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2014/01/24 17:30:58 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 17:30:56 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/24 17:25:22 | 000,001,418 | --S- | C] () -- C:\Windows\SysWow64\msstp.vbe
[2014/01/23 21:29:17 | 941,850,150 | ---- | C] () -- C:\Users\sabina\Desktop\Ve jménu Angela.avi
[2014/01/19 12:28:08 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/19 12:21:30 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/17 11:41:57 | 001,220,902 | ---- | C] () -- C:\Users\sabina\Desktop\komunitny_plan_socialnych_sluzieb_mesta_pe_2012_2022.pdf
[2014/01/17 00:14:44 | 000,227,597 | ---- | C] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc (1).pdf
[2014/01/16 16:36:08 | 000,195,896 | ---- | C] () -- C:\Users\sabina\Desktop\Antrag_auf_Ausstellung_des_Formulares_E_106.pdf
[2014/01/15 00:50:47 | 035,322,222 | ---- | C] () -- C:\Users\sabina\Desktop\psdjosip.rar
[2014/01/14 13:19:59 | 000,418,788 | ---- | C] () -- C:\Users\sabina\Desktop\Vko prelozenie ziv..jpg
[2014/01/14 12:48:48 | 000,042,621 | ---- | C] () -- C:\Users\sabina\Desktop\Standortverlegung-Formular.pdf
[2014/01/14 12:43:11 | 000,183,959 | ---- | C] () -- C:\Users\sabina\Desktop\hela-SZ.zip
[2014/01/13 19:03:30 | 000,526,382 | ---- | C] () -- C:\Users\sabina\Desktop\Scan.jpg
[2014/01/13 17:49:48 | 000,000,764 | ---- | C] () -- C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | C] () -- C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:46:31 | 000,001,991 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
[2014/01/13 17:45:51 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
[2014/01/13 17:45:51 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Deskjet 2540 series.lnk
[2014/01/13 17:43:58 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014/01/13 00:27:32 | 000,227,597 | ---- | C] () -- C:\Users\sabina\Desktop\statnicove_otazky_bc.pdf
[2014/01/03 01:41:48 | 1963,524,096 | ---- | C] () -- C:\Users\sabina\Desktop\Válka Bohů.avi
[2014/01/03 00:45:37 | 000,000,443 | ---- | C] () -- C:\Users\sabina\AppData\Local\UserProducts.xml
[2014/01/03 00:45:37 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\update-sys.job
[2013/09/18 15:40:56 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2013/09/18 15:40:55 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2013/09/18 15:40:55 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2013/09/18 15:40:55 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2013/09/18 15:40:55 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2013/09/18 15:40:55 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2013/09/18 15:40:55 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2013/09/18 15:40:55 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2013/09/18 15:40:55 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2013/09/18 15:40:55 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2013/09/18 15:40:55 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2013/09/18 15:40:55 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2013/09/18 15:40:55 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2013/09/18 15:40:54 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2013/09/18 15:40:54 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2013/09/18 15:40:54 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2013/09/18 15:40:54 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2013/09/18 15:40:54 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2013/09/18 15:40:54 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2013/09/18 15:22:29 | 000,000,025 | ---- | C] () -- C:\Windows\CDE DX6000EFDG.ini
[2013/09/09 12:09:23 | 000,000,000 | ---- | C] () -- C:\Users\sabina\regbcm
[2012/05/04 14:37:46 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
========== ZeroAccess Check ==========
[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/11/14 18:53:11 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AnvSoft
[2014/01/24 17:31:25 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/07 21:43:50 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\CoreFTP
[2014/01/19 01:01:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
[2013/08/25 15:01:31 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\LolClient
[2013/11/02 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Notepad++
[2013/08/24 21:52:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\OpenCandy
[2014/01/20 21:59:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Origin
[2013/08/25 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Riot Games
[2013/10/27 21:37:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Seznam.cz
[2014/01/24 17:30:59 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/29 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009/07/14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 06:08:49 | 000,032,554 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014/01/03 00:45:36 | 000,000,390 | ---- | C] () -- C:\Windows\Tasks\update-sys.job
[2014/01/03 00:45:37 | 000,000,390 | ---- | C] () -- C:\Windows\Tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | C] () -- C:\Windows\Tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | C] () -- C:\Windows\Tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:48 | 000,000,764 | ---- | C] () -- C:\Windows\Tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/19 12:28:08 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/24 17:31:05 | 000,000,350 | -H-- | C] () -- C:\Windows\Tasks\avast! Emergency Update.job
< >
< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/21 04:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/21 04:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/21 04:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/21 04:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2012/10/03 18:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\SysNative\drivers\tcpip.sys
[2013/09/08 03:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2010/11/21 04:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 03:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013/07/06 06:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012/10/03 18:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 07:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013/11/26 12:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[11 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\*.tmp -> ]
[33 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013/12/31 00:19:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Adobe
[2013/11/14 18:53:11 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AnvSoft
[2013/11/14 08:34:48 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Apple Computer
[2014/01/24 17:31:25 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\AVAST Software
[2014/01/07 21:43:50 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\CoreFTP
[2014/01/19 01:01:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
[2014/01/20 19:30:52 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\HpUpdate
[2013/08/24 21:14:15 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Identities
[2013/08/25 15:01:31 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\LolClient
[2013/08/24 21:26:09 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Macromedia
[2014/01/25 21:26:24 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Malwarebytes
[2011/04/12 09:45:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Media Center Programs
[2013/12/06 10:05:54 | 000,000,000 | --SD | M] -- C:\Users\sabina\AppData\Roaming\Microsoft
[2013/11/04 14:31:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Mozilla
[2013/11/02 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Notepad++
[2013/11/02 16:24:46 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\NVIDIA
[2013/08/24 21:52:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\OpenCandy
[2014/01/20 21:59:00 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Origin
[2013/08/25 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Riot Games
[2013/10/26 00:11:21 | 000,000,000 | RH-D | M] -- C:\Users\sabina\AppData\Roaming\SecuROM
[2013/10/27 21:37:21 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Seznam.cz
[2013/12/24 01:47:14 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Skype
[2014/01/24 17:30:59 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\TestApp
[2014/01/29 20:17:43 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\uTorrent
[2014/01/20 21:52:45 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\vlc
[2014/01/29 18:35:53 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\Winamp
[2013/09/11 13:49:07 | 000,000,000 | ---D | M] -- C:\Users\sabina\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2013/08/24 21:52:55 | 000,914,400 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\OpenCandy\B1D771663B804D1C8EA16D4FF9C4CA3F\PasswordBoxCHSTORE_p1v0.exe
[2013/05/16 14:25:04 | 001,062,472 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\szninstall.exe
[2013/05/16 14:26:24 | 002,589,256 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013/04/29 11:53:34 | 000,045,560 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2013/04/12 09:13:24 | 000,457,208 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2013/04/12 09:10:22 | 000,092,664 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2013/04/16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\data\ffinstall\ffkill.exe
[2011/12/19 10:04:28 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Users\sabina\AppData\Roaming\Seznam.cz\data\ffinstall\reg.exe
[2013/04/16 12:52:36 | 000,077,824 | ---- | M] () -- C:\Users\sabina\AppData\Roaming\Seznam.cz\data\ffinstall\regctrl.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2014/01/24 17:31:05 | 000,000,350 | -H-- | M] () -- C:\Windows\Tasks\avast! Emergency Update.job
[2014/01/19 12:28:08 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
[2014/01/13 17:49:48 | 000,000,764 | ---- | M] () -- C:\Windows\Tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
[2014/01/13 17:49:47 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
[2014/01/13 17:49:32 | 000,000,286 | ---- | M] () -- C:\Windows\Tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
[2014/01/03 00:45:37 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
[2014/01/03 00:45:36 | 000,000,390 | ---- | M] () -- C:\Windows\Tasks\update-sys.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< *crack* /s >
[2008/08/07 11:28:04 | 001,159,409 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\Presets\Image - Special Effects\Cracked Tiles.ffx
[2008/03/04 01:53:00 | 000,380,612 | ---- | M] () -- \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe
[2008/11/24 20:41:12 | 002,017,792 | ---- | M] () -- \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc
[2014/01/24 17:25:23 | 000,001,581 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk
[2014/01/24 17:25:23 | 000,001,581 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk
[2013/09/14 14:19:04 | 003,081,184 | ---- | M] () -- \Users\sabina\Desktop\zaloha\Music\Freestylers---Cracks-(Ft-Belle-Humble)-(Flux-Pavilion-Remix).mp3
< *keygen* /s >
[2013/11/02 14:36:47 | 000,025,669 | ---- | M] () -- \Users\sabina\AppData\Roaming\uTorrent\Adobe Photoshop CS4 + Keygen.rar.torrent
[2013/11/02 14:54:36 | 1339,820,827 | ---- | M] () -- \Users\sabina\Downloads\Adobe Photoshop CS4 + Keygen.rar
< *AntiWPA* /s >
< *loader* /s >
[2008/09/03 02:14:34 | 000,217,088 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2008/08/28 19:34:20 | 004,965,736 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\Photodownloader.exe
[2008/08/28 16:42:12 | 000,011,161 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\de_de\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\en_us\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\es_es\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\it_it\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\no_no\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2008/08/28 16:42:14 | 000,000,308 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2008/08/28 16:42:16 | 000,000,011 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2008/08/26 01:32:24 | 000,217,088 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Media Encoder CS4\MXF_SDK_MetaMetadata_BinaryLoader_r.4.1.1.223.dll
[2013/08/29 15:23:40 | 000,078,336 | ---- | M] () -- \Program Files (x86)\AnvSoft\Any Video Converter\AVCDownloader.dll
[2008/08/14 07:23:12 | 000,009,969 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\Startup Scripts CS4\Adobe Version Cue\VersionCueSDKLoader.jsx
[2013/04/21 21:44:16 | 000,008,827 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2006/10/26 12:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006/10/26 12:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2009/10/06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Deskjet 2540 series\bin\HelpViewer\Resources\Loader.gif
[2003/07/03 23:38:00 | 000,006,995 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoader.xs
[2003/07/03 23:37:36 | 000,002,522 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderaggboom.xs
[2003/07/03 23:37:28 | 000,002,734 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderbalanced.xs
[2003/07/03 23:37:18 | 000,002,486 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderboom.xs
[2003/07/03 23:37:08 | 000,002,522 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderdefboom.xs
[2003/07/03 23:37:04 | 000,002,491 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderdefrush.xs
[2003/07/03 23:36:56 | 000,002,494 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderecorush.xs
[2003/07/03 23:36:50 | 000,002,488 | ---- | M] () -- \Program Files (x86)\Microsoft Games\Age of Mythology\ai2\aomxailoaderrush.xs
[2011/02/21 12:35:14 | 000,107,520 | ---- | M] () -- \Program Files (x86)\Mio\MioMore Desktop 7.30\MiniDownloaderSvr.dll
[2011/07/18 22:33:32 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2011/10/17 13:10:26 | 000,071,528 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2011/10/17 12:14:50 | 000,074,600 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2011/11/06 10:09:52 | 000,083,816 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2011/11/10 14:55:50 | 000,089,448 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2011/09/23 23:19:26 | 000,228,352 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\ubiorbitapi_r2_loader.dll
[2011/08/30 14:21:56 | 000,171,320 | ---- | M] () -- \Program Files (x86)\Ubisoft\Driver San Francisco\uplay_r1_loader.dll
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\loader.png
[2013/11/11 14:39:40 | 000,006,012 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 14:39:40 | 000,021,956 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \ProgramData\Skype\Apps\login\images\retina\loader@2x.png
[2013/08/25 14:06:34 | 000,000,404 | ---- | M] () -- \Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.69\deploy\assets\storeImages\layout\small_loader.gif
[2013/06/19 14:59:00 | 000,072,638 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.gif
[2013/06/19 14:59:00 | 000,003,032 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\loader.png
[2013/11/11 14:39:40 | 000,006,012 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_15fps.gif
[2013/11/11 14:39:40 | 000,021,956 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\normal\loader_30fps.gif
[2013/06/19 14:59:00 | 000,009,772 | ---- | M] () -- \Users\All Users\Skype\Apps\login\images\retina\loader@2x.png
[2013/09/27 13:40:02 | 000,492,832 | ---- | M] () -- \Users\sabina\AppData\Local\Skillbrains\lightshot\4.4.2.10\uploader.dll
[2013/03/29 12:37:34 | 000,059,384 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\bin\25288libfoxloader.dll
[2013/04/15 12:32:10 | 000,060,416 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\bin\25291libfoxloader-x64.dll
[2013/10/17 15:29:30 | 000,000,165 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013/03/25 15:27:20 | 000,000,665 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.install.bat
[2013/03/25 15:27:26 | 000,000,117 | ---- | M] () -- \Users\sabina\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_1_2.uninstall.bat
[2010/09/21 07:45:44 | 002,639,424 | ---- | M] () -- \Users\sabina\Desktop\wow\BackgroundDownloader.exe
[2010/01/11 14:17:16 | 000,003,026 | ---- | M] () -- \Users\sabina\Desktop\wow\Data\enGB\Documentation\Troubleshooting\(Mac)BlizzardDownloaderProblems.html
[2010/01/11 14:17:16 | 000,004,261 | ---- | M] () -- \Users\sabina\Desktop\wow\Data\enGB\Documentation\Troubleshooting\(PC)BlizzardDownloaderProblems.html
[2010/10/10 07:58:20 | 000,000,381 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\Prat-3.0\pullouts\Prat-3.0_Loader\Prat-3.0_Loader.toc
[2012/11/24 22:57:56 | 000,099,505 | ---- | M] () -- \Users\sabina\Desktop\wow\Logs\Downloader.log
[2013/10/28 11:34:42 | 000,001,705 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\loader.php
[2013/10/28 11:35:00 | 000,003,423 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Config\Loader.php
[2013/10/28 11:35:46 | 000,001,892 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Loaders\AutoLoader.php
[2013/10/28 11:35:46 | 000,004,358 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Loaders\NetteLoader.php
[2013/10/28 11:35:46 | 000,009,974 | ---- | M] () -- \Users\sabina\Desktop\zaloha\DENDO\fuzo\libs\Nette\Loaders\RobotLoader.php
[2013/10/17 15:37:17 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009/07/14 02:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 02:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 10:26:26 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2011/06/03 10:26:26 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2011/06/03 10:26:26 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2011/06/03 10:26:26 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2011/06/03 10:26:26 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2013/08/26 00:23:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013/08/26 00:23:45 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013/08/26 00:23:45 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013/08/26 00:23:45 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013/08/26 00:23:46 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 03:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011/06/03 10:24:25 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/21 04:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 18:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 14:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 03:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:50:25 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/26 00:51:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 02:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
[2008/08/14 07:56:12 | 000,003,942 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.csi.core.logging_1.0.0\com\adobe\csi\core\logging\Activator.class
[2008/08/14 07:56:10 | 000,001,489 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.drive.shutdown_1.0.0\com\adobe\drive\shutdown\Activator.class
< *serial* /s >
[2008/09/02 22:16:36 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\BadSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\CantChangeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ReserializeAlert.exv
[2008/09/02 22:16:36 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\SerializationWF.exv
[2008/09/02 22:16:36 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\BadSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\CantChangeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\InValidUpGradeSerialNumberAlert.exv
[2008/09/02 22:16:36 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\ReserializeAlert.exv
[2008/09/02 22:16:36 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\ar_AE\SerializationWF.exv
[2008/09/02 22:16:38 | 000,001,695 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\BadSerialNumberAlert.exv
[2008/09/02 22:16:38 | 000,001,567 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\CantChangeSerialNumberAlert.exv
[2008/09/02 22:16:38 | 000,001,661 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\InValidUpGradeSerialNumberAlert.exv
[2008/09/02 22:16:38 | 000,000,855 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\ReserializeAlert.exv
[2008/09/02 22:16:38 | 000,028,485 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe After Effects CS4\Support Files\LMResources\he_IL\SerializationWF.exv
[2008/08/28 16:40:42 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/28 16:40:42 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/28 16:40:42 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/28 16:40:42 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\ReserializeAlert.exv
[2008/08/28 16:40:42 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Bridge CS4\LMResources\SerializationWF.exv
[2008/08/06 10:45:18 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\BadSerialNumberAlert.exv
[2008/08/06 10:45:18 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\CantChangeSerialNumberAlert.exv
[2008/08/06 10:45:18 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\InValidUpGradeSerialNumberAlert.exv
[2008/08/06 10:45:18 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\ReserializeAlert.exv
[2008/08/06 10:45:18 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Device Central CS4\LMResources\SerializationWF.exv
[2008/09/19 04:10:54 | 000,001,673 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\BadSerialNumberAlert.exv
[2008/09/19 04:10:54 | 000,001,561 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\CantChangeSerialNumberAlert.exv
[2008/09/19 04:10:54 | 000,001,639 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008/09/19 04:10:54 | 000,000,849 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\ReserializeAlert.exv
[2008/09/19 04:10:54 | 000,027,443 | ---- | M] () -- \Program Files (x86)\Adobe\Adobe Photoshop CS4\lmresources\SerializationWF.exv
[2008/08/14 07:56:46 | 000,059,514 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\CS4ServiceManager\plugins\com.adobe.versioncue.serialization_4.0.0.jar
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2008/09/19 04:22:30 | 000,001,673 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\BadSerialNumberAlert.exv
[2008/09/19 04:22:30 | 000,001,561 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\CantChangeSerialNumberAlert.exv
[2008/09/19 04:22:30 | 000,001,639 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\InValidUpGradeSerialNumberAlert.exv
[2008/09/19 04:22:30 | 000,000,849 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\ReserializeAlert.exv
[2008/09/19 04:22:30 | 000,027,443 | ---- | M] () -- \Program Files\Adobe\Adobe Photoshop CS4 (64 Bit)\lmresources\SerializationWF.exv
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/10/26 12:37:10 | 000,000,246 | ---- | M] () -- \Users\sabina\AppData\Local\Rockstar Games\GTA IV\Settings\serial.dat
[2010/08/02 19:53:02 | 000,008,786 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2010/08/02 19:53:02 | 000,000,216 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\epgp\libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/12/25 12:06:30 | 000,008,824 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.lua
[2009/12/25 12:06:30 | 000,000,219 | ---- | M] () -- \Users\sabina\Desktop\wow\Interface\AddOns\Recount\Libs\AceSerializer-3.0\AceSerializer-3.0.xml
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/26 14:23:10 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\d462f459c4353e2c628e6def1430aed7\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/26 14:23:33 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
[2013/08/27 06:15:40 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\845e04461d3d879b24c5b0d30947050a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/27 06:16:29 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\dbfc784cc4bde7b16fb471e14563569d\System.Runtime.Serialization.ni.dll
[2013/10/10 16:33:55 | 002,659,328 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\10519c5a16fab95707f40b55941647b5\System.Runtime.Serialization.ni.dll
[2013/08/26 14:27:00 | 000,311,296 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\ad3522eafb95969623aeef7c389246bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/26 14:29:04 | 000,009,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Serializ#\cda839ea462e123d42cb6d0883cf0f4d\System.Xml.Serialization.ni.dll
[2013/10/10 06:23:31 | 003,425,792 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\4d6c50c63ff4757f8825b82fb18eae3d\System.Runtime.Serialization.ni.dll
[2013/08/27 06:25:30 | 003,414,016 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\b00c987c6d13ba24a30b471ae12a23d5\System.Runtime.Serialization.ni.dll
[2013/08/27 06:25:41 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Seri#\cd2da26160fba6400b0353e558e35da6\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2013/08/27 06:29:22 | 000,010,240 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Serializ#\252726355005e3388101a3f1dfa1c727\System.Xml.Serialization.ni.dll
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.amd64
[2010/03/18 12:16:28 | 001,026,936 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\DFC90B5F2B0FFA63D84FD16F6BF37C4B\4.0.30319\System.Runtime.Serialization.dll.x86
[2013/10/10 00:06:21 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/10/10 00:06:20 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/10/10 00:06:24 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013/09/11 05:06:54 | 001,039,040 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2010/03/18 12:16:28 | 000,122,264 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2011/04/06 15:48:20 | 000,011,120 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2011/06/03 10:25:46 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011/06/03 10:25:46 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2011/06/03 10:25:45 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 02:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011/06/03 10:25:53 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 01:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 21:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 21:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 11:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 11:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012/10/05 11:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013/08/26 00:23:46 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013/08/26 00:23:46 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011/06/03 10:26:25 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 03:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011/06/03 10:26:25 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 03:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 03:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 18:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 14:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 03:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/21 04:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 19:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012/10/05 19:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010/11/21 04:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 19:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012/10/05 19:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010/11/21 04:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 18:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012/10/05 18:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011/06/03 10:25:01 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 19:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2012/10/05 18:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2010/11/21 04:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 18:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012/10/05 18:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010/11/21 04:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 18:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012/10/05 18:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009/06/10 22:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 11:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012/10/05 11:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2010/11/21 04:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011/06/03 10:25:46 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 02:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/21 04:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 11:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012/10/05 11:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
< *w7lxe* /s >
========== Alternate Data Streams ==========
@Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720
< End of report >
Re: Spomalený internet,YT videa nefungujú atď.
Odinstalujte MSE. Pere se s Avastem. Hlidejte velikost plochy. Nemela by mit vice nez 200-300 MB. Vy tam mate spostu filmu, zpomluje to pc, hlavne start.
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Znovu spustte OTL jako spravceDo spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)
Kód: Vybrat vše
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[ClearAllRestorePoints]
:services
AdobeARMservice
Skype C2C Service
gupdate
SkypeUpdate
gupdatem
:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job
C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job
C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job
C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job
C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job
C:\Windows\tasks\update-sys.job
C:\Users\Public\Public Documents\Windows Movie Player\player.exe
C:\Windows\inf\msgcqd.vbe
C:\Windows\inf\msloupd.vbe
C:\Windows\inf\ntvdm.vbe
C:\Windows\system32\msstp.vbe
C:\Windows\inf\mncpobor.vbe
C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
O3 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [mncpoborSrv] C:\Windows\inf\mncpobor.vbe ()
O4 - HKLM..\Run: [MSStp] C:\Windows\SysWOW64\msstp.vbe ()
O4 - HKU\S-1-5-21-3477457955-4250271348-77972968-1000..\Run: [Windows] C:\Users\Public\Public Documents\Windows Movie Player\player.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/01/24 17:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[2014/01/24 17:25:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[4 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[11 C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp files -> C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\*.tmp files -> C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\*.tmp -> ]
[33 C:\Windows\System32\spool\PRINTERS\*.tmp files -> C:\Windows\System32\spool\PRINTERS\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
[2008/03/04 01:53:00 | 000,380,612 | ---- | M] () -- \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe
[2008/11/24 20:41:12 | 002,017,792 | ---- | M] () -- \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc
[2014/01/24 17:25:23 | 000,001,581 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk
[2014/01/24 17:25:23 | 000,001,581 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk
@Alternate Data Stream - 172 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:373E1720
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows"=-
"AdobeBridge"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgcqdSrv] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msloupdSrv] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] /64
[-HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"QuickTime Task"=-
"Adobe ARM"=-
"HP Software Update"=-
""=-
"MSStp"=-
"mncpoborSrv"=-
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]
Po restartu se objevi novy log, ten sem dejte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
sabrina.sms
- Návštěvník
- Příspěvky: 21
- Registrován: 25 led 2014 18:53
Re: Spomalený internet,YT videa nefungujú atď.
All processes killed
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: sabina
->Temp folder emptied: 2981845 bytes
->Temporary Internet Files folder emptied: 7130981 bytes
->FireFox cache emptied: 4153569 bytes
->Google Chrome cache emptied: 443569114 bytes
->Flash cache emptied: 2941 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 96811 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43255867 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 478,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: sabina
->Flash cache emptied: 0 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job moved successfully.
C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job moved successfully.
C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job moved successfully.
C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job moved successfully.
C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job moved successfully.
C:\Windows\tasks\update-sys.job moved successfully.
C:\Users\Public\Public Documents\Windows Movie Player\player.exe moved successfully.
File\Folder C:\Windows\inf\msgcqd.vbe not found.
File\Folder C:\Windows\inf\msloupd.vbe not found.
File\Folder C:\Windows\inf\ntvdm.vbe not found.
C:\Windows\system32\msstp.vbe moved successfully.
C:\Windows\inf\mncpobor.vbe moved successfully.
C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod folder moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mncpoborSrv deleted successfully.
File C:\Windows\inf\mncpobor.vbe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp deleted successfully.
File C:\Windows\SysWOW64\msstp.vbe not found.
Registry value HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows deleted successfully.
File C:\Users\Public\Public Documents\Windows Movie Player\player.exe not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod folder moved successfully.
Folder C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP20BA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3429.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9000.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBB63.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI3B82.tmp deleted successfully.
C:\Windows\Installer\MSI68B.tmp deleted successfully.
C:\Windows\Installer\MSIED4A.tmp deleted successfully.
C:\Windows\Installer\MSIF830.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets05FCF8A8-C6E4-48D7-A8B1-822F50FB97AC.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets0E6B4B23-005F-4FFD-962B-8B91C5A53A62.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets0F288FEC-281D-4185-8053-1A701ECCDEFB.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets1517206F-062F-4867-8828-288AF2CF024C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets69481A85-41B6-427E-8664-DFA49ECE53DC.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets7D21F597-C5B3-470F-AF30-7281A4D8B765.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets8FC5BC3C-2953-40F7-AA7F-BA291BB32FDF.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets92FAFFC4-E453-4DCC-9C88-D6BFC6CD74B2.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets95F11700-2406-4912-8BA7-25D84AF296A5.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsCBAAB45C-631D-44A0-942B-D517518F6496.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsDA4DC93B-BB58-4CF6-BC91-DC054151A3E7.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\BIT34B.tmp deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0mb001xdqrccobb9pkatd_3vc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0zlt5zkud0jetwk8lb0l6s0kb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP20wym9w7hby40vu9pfmgh94dc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP30rn4gg93xq0mio01m_5ufd5c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP33qzadbfd70m6zh8racilndbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4ske38zj7jyp6qxdvxkfd7xdc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4vw3y1p0iam9oalrjg3h3eyy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5etinunqvnp_018ygmiir0gz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8585vzrzckd8ke78_13dymf8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8rpooy9hpi6tsp87jk5979_od.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPd8p5yha17thjdeuytff24bbad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPds6g0nwqc0owht8vngbi9grbb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe08chgimyxk_00ld1unqwfxfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfa4tb6d4040pxwk2qeg40wt4b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfsdc7rvb3py7oz_ytp9ub50yd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgdbcvbxkz9xd2xye1ggcaa_vb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi103z3ecpn9oa0q6n4tdtgzid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi35ym26q_lzhcromttzm13jbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPis_gbe7i7ai2jhm7v7_hpzdv.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjm2_5yzgvwmw_2o_n0phpqw6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk4hrtqddu1rr2x0s02da5j5sc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm8c7alngnsrptk90mqvl43hee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmmcj26bxr7r0xes1k431y0wic.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPna0pdc7fg5o7i2m__iztfkhx.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpj3exxb5ugz030bj6jun6vscb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr5zwx9y8g88jjpkxt5k0js9nb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr6p30voq7pzihky7uzi4uysjb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrltqisj65d4i48mc9nycr_qqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs68065dtyj7wwuwyctm6snpqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsn1oxt02vtgsh3p20gmy6suqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtwxet4siwkglwpwjwt_us_f3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvr1n68xshiwicjijr24x7fbk.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyr8zef9u6f6jq009x03xzfoo.TMP deleted successfully.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe scheduled to be moved on reboot.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc scheduled to be moved on reboot.
File \ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk not found.
File \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk not found.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:373E1720 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgcqdSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msloupdSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\ scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\MSStp not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\mncpoborSrv not found.
HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\"AvastUI.exe"|C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024] /E :invalid edit format. Invalid data type.
OTL by OldTimer - Version 3.2.69.0 log created on 02012014_002302
Files\Folders moved on Reboot...
C:\Users\sabina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\sabina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe scheduled to be moved on reboot.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\ scheduled to be deleted on reboot.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: sabina
->Temp folder emptied: 2981845 bytes
->Temporary Internet Files folder emptied: 7130981 bytes
->FireFox cache emptied: 4153569 bytes
->Google Chrome cache emptied: 443569114 bytes
->Flash cache emptied: 2941 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 96811 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43255867 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 478,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Public
User: sabina
->Flash cache emptied: 0 bytes
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service Skype C2C Service stopped successfully!
Service Skype C2C Service deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service SkypeUpdate stopped successfully!
Service SkypeUpdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf15098763e5da.job moved successfully.
C:\Windows\tasks\HP Deskjet 2540 series.exe_{9359753B-1293-4862-8F1C-965A2C0FA47B}.job moved successfully.
C:\Windows\tasks\HPCustPartic.exe_{A40132D7-9979-4B6F-AE4E-E146CB00BA44}.job moved successfully.
C:\Windows\tasks\Toolbox.exe_{EAA267D5-C6E4-4E6A-A364-0DC9956F41B9}.job moved successfully.
C:\Windows\tasks\update-S-1-5-21-3477457955-4250271348-77972968-1000.job moved successfully.
C:\Windows\tasks\update-sys.job moved successfully.
C:\Users\Public\Public Documents\Windows Movie Player\player.exe moved successfully.
File\Folder C:\Windows\inf\msgcqd.vbe not found.
File\Folder C:\Windows\inf\msloupd.vbe not found.
File\Folder C:\Windows\inf\ntvdm.vbe not found.
C:\Windows\system32\msstp.vbe moved successfully.
C:\Windows\inf\mncpobor.vbe moved successfully.
C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod folder moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\mncpoborSrv deleted successfully.
File C:\Windows\inf\mncpobor.vbe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp deleted successfully.
File C:\Windows\SysWOW64\msstp.vbe not found.
Registry value HKEY_USERS\S-1-5-21-3477457955-4250271348-77972968-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Windows deleted successfully.
File C:\Users\Public\Public Documents\Windows Movie Player\player.exe not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll moved successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ deleted successfully.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype-ie-addon-data\ not found.
File C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod folder moved successfully.
Folder C:\Program Files (x86)\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP20BA.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3429.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9000.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBB63.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBF2.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI3B82.tmp deleted successfully.
C:\Windows\Installer\MSI68B.tmp deleted successfully.
C:\Windows\Installer\MSIED4A.tmp deleted successfully.
C:\Windows\Installer\MSIF830.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets05FCF8A8-C6E4-48D7-A8B1-822F50FB97AC.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets0E6B4B23-005F-4FFD-962B-8B91C5A53A62.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets0F288FEC-281D-4185-8053-1A701ECCDEFB.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets1517206F-062F-4867-8828-288AF2CF024C.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets69481A85-41B6-427E-8664-DFA49ECE53DC.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets7D21F597-C5B3-470F-AF30-7281A4D8B765.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets8FC5BC3C-2953-40F7-AA7F-BA291BB32FDF.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets92FAFFC4-E453-4DCC-9C88-D6BFC6CD74B2.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMets95F11700-2406-4912-8BA7-25D84AF296A5.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsCBAAB45C-631D-44A0-942B-D517518F6496.tmp deleted successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\mtiFntMetsDA4DC93B-BB58-4CF6-BC91-DC054151A3E7.tmp deleted successfully.
C:\Windows\SoftwareDistribution\Download\5f8ddf13b2c0a8d95484a04807947d35\BIT34B.tmp deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0mb001xdqrccobb9pkatd_3vc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP0zlt5zkud0jetwk8lb0l6s0kb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP20wym9w7hby40vu9pfmgh94dc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP30rn4gg93xq0mio01m_5ufd5c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP33qzadbfd70m6zh8racilndbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4ske38zj7jyp6qxdvxkfd7xdc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP4vw3y1p0iam9oalrjg3h3eyy.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP5etinunqvnp_018ygmiir0gz.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8585vzrzckd8ke78_13dymf8b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PP8rpooy9hpi6tsp87jk5979_od.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPd8p5yha17thjdeuytff24bbad.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPds6g0nwqc0owht8vngbi9grbb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPe08chgimyxk_00ld1unqwfxfc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfa4tb6d4040pxwk2qeg40wt4b.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPfsdc7rvb3py7oz_ytp9ub50yd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPgdbcvbxkz9xd2xye1ggcaa_vb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi103z3ecpn9oa0q6n4tdtgzid.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPi35ym26q_lzhcromttzm13jbe.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPis_gbe7i7ai2jhm7v7_hpzdv.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPjm2_5yzgvwmw_2o_n0phpqw6d.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPk4hrtqddu1rr2x0s02da5j5sc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPm8c7alngnsrptk90mqvl43hee.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPmmcj26bxr7r0xes1k431y0wic.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPna0pdc7fg5o7i2m__iztfkhx.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPpj3exxb5ugz030bj6jun6vscb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr5zwx9y8g88jjpkxt5k0js9nb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPr6p30voq7pzihky7uzi4uysjb.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPrltqisj65d4i48mc9nycr_qqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPs68065dtyj7wwuwyctm6snpqc.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPsn1oxt02vtgsh3p20gmy6suqd.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPtwxet4siwkglwpwjwt_us_f3c.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPvr1n68xshiwicjijr24x7fbk.TMP deleted successfully.
C:\Windows\System32\spool\PRINTERS\PPyr8zef9u6f6jq009x03xzfoo.TMP deleted successfully.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe scheduled to be moved on reboot.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc scheduled to be moved on reboot.
File \ProgramData\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk not found.
File \Users\All Users\Microsoft\Windows\Start Menu\Programs\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod\Nod 32 v. 3.0.650 CZ + funkn crack do roku 2050 + nvod.lnk not found.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:373E1720 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Windows not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msgcqdSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msloupdSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NtVdmSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg\ deleted successfully.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\ scheduled to be deleted on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\MSStp not found.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\mncpoborSrv not found.
HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\"AvastUI.exe"|C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024] /E :invalid edit format. Invalid data type.
OTL by OldTimer - Version 3.2.69.0 log created on 02012014_002302
Files\Folders moved on Reboot...
C:\Users\sabina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\sabina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\crack.exe scheduled to be moved on reboot.
File move failed. \Program Files (x86)\Company\Nod 32 v. 3.0.650 CZ + funkční crack do roku 2050 + návod\Návod na crack k NOD32.doc scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Registry delete failed. HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\ scheduled to be deleted on reboot.
Re: Spomalený internet,YT videa nefungujú atď.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
sabrina.sms
- Návštěvník
- Příspěvky: 21
- Registrován: 25 led 2014 18:53
Re: Spomalený internet,YT videa nefungujú atď.
Logfile of random's system information tool 1.09 (written by random/random)
Run by sabina at 2014-02-01 13:49:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 797 GB (84%) free of 954 GB
Total RAM: 8183 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:41, on 1. 2. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\sabina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8272 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2628.0.1758435512\1523389503" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x0f00 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2628.5.1563957860\444881740" /prefetch:673131151
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --lang=sk --channel="2628.6.1487797871\1781045116" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2628.21.1889060918\1666839657" /prefetch:673131151
"C:\Users\sabina\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\avast! Emergency Update.job
=========Mozilla firefox=========
ProfilePath - C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-01-28 22:30:54 ----D---- C:\Program Files (x86)\trend micro
2014-01-28 17:52:01 ----D---- C:\_OTL
2014-01-25 21:26:24 ----D---- C:\Users\sabina\AppData\Roaming\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\ProgramData\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-25 21:26:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-01-25 19:28:24 ----D---- C:\rsit
2014-01-25 19:28:24 ----D---- C:\Program Files\trend micro
2014-01-24 17:39:38 ----A---- C:\Windows\system32\drivers\PCTBD64.sys
2014-01-24 17:39:34 ----A---- C:\Windows\BDTSupport.dll
2014-01-24 17:39:33 ----A---- C:\Windows\SGDetectionTool.dll
2014-01-24 17:39:32 ----A---- C:\Windows\PCTBDCore.dll
2014-01-24 17:39:31 ----A---- C:\Windows\PCTBDRes.dll
2014-01-24 17:37:28 ----D---- C:\Program Files (x86)\PC Tools
2014-01-24 17:32:14 ----A---- C:\Windows\system32\drivers\Cat.DB
2014-01-24 17:31:55 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2014-01-24 17:31:25 ----D---- C:\Users\sabina\AppData\Roaming\AVAST Software
2014-01-24 17:31:02 ----D---- C:\ProgramData\PC Tools
2014-01-24 17:30:59 ----D---- C:\Users\sabina\AppData\Roaming\TestApp
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-24 17:30:55 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-24 17:30:53 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-24 17:30:45 ----A---- C:\Windows\avastSS.scr
2014-01-24 17:30:09 ----D---- C:\Program Files\AVAST Software
2014-01-24 17:29:35 ----D---- C:\ProgramData\AVAST Software
2014-01-24 17:25:46 ----D---- C:\Program Files (x86)\Company
2014-01-20 21:54:36 ----D---- C:\Users\sabina\AppData\Roaming\Origin
2014-01-20 21:53:06 ----D---- C:\ProgramData\Origin
2014-01-20 19:33:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-16 00:09:46 ----D---- C:\Program Files (x86)\HTC
2014-01-16 00:09:16 ----D---- C:\ProgramData\HTC
2014-01-16 00:09:15 ----D---- C:\Temp
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 11:45:19 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 11:45:18 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-13 17:46:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-01-13 17:46:31 ----D---- C:\ProgramData\Visan
2014-01-13 17:46:31 ----D---- C:\ProgramData\HP Photo Creations
2014-01-13 17:46:31 ----D---- C:\Program Files (x86)\HP Photo Creations
2014-01-13 17:46:04 ----D---- C:\Users\sabina\AppData\Roaming\HpUpdate
2014-01-13 17:45:52 ----N---- C:\Windows\system32\HPDiscoPMC211.dll
2014-01-13 17:45:00 ----D---- C:\ProgramData\HP
2014-01-13 17:44:55 ----D---- C:\Program Files (x86)\HP
2014-01-13 17:44:02 ----D---- C:\Program Files\HP
2014-01-13 17:43:58 ----A---- C:\ProgramData\Ament.ini
2014-01-09 15:54:45 ----D---- C:\Program Files (x86)\R.G. Catalyst
2014-01-09 08:19:02 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-09 08:18:58 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-09 08:18:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-01-09 08:18:48 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-01-09 08:18:48 ----A---- C:\Windows\system32\xinput1_3.dll
2014-01-09 08:18:47 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-01-09 08:18:47 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-01-09 08:18:44 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-01-09 08:18:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\d3dx10.dll
2014-01-09 08:18:42 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-01-09 08:18:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-01-09 08:18:40 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-01-09 08:18:40 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-01-09 08:18:37 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-01-09 08:18:37 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-01-09 08:18:29 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-01-09 08:18:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-01-09 08:18:27 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-01-09 08:18:27 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-01-09 08:18:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-01-09 08:18:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-01-09 08:18:25 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-01-09 08:18:25 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-01-09 08:18:24 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-01-09 08:18:24 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-01-09 08:18:23 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-01-09 08:18:23 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-01-09 08:18:22 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-01-09 08:18:22 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-01-03 00:45:36 ----D---- C:\Program Files (x86)\Skillbrains
2013-12-30 17:03:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-12-29 16:04:48 ----D---- C:\Windows\Watson
2013-12-29 16:04:48 ----D---- C:\Program Files (x86)\Microsoft Games
2013-12-23 19:55:45 ----D---- C:\Program Files (x86)\Mio
2013-12-14 23:46:16 ----D---- C:\Program Files (x86)\EA GAMES
2013-12-14 23:46:15 ----RA---- C:\Windows\SYSWOW64\vp6vfw.dll
2013-12-12 19:46:43 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 19:46:40 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 19:44:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 19:44:55 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 19:44:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 19:44:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 19:44:53 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 19:44:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 19:44:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 19:44:51 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 19:17:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 19:17:01 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 19:16:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 19:16:58 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\system32\cscript.exe
2013-12-01 01:33:29 ----D---- C:\ProgramData\LogMeIn
2013-11-24 19:03:56 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-24 19:00:13 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-24 19:00:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-24 19:00:10 ----A---- C:\Windows\system32\elshyph.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msrating.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msls31.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\wextract.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\webcheck.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\vbscript.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\url.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\inseng.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iexpress.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-24 19:00:07 ----A---- C:\Windows\system32\icardie.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\occache.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\mshta.exe
2013-11-24 19:00:06 ----A---- C:\Windows\system32\jscript.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\imgutil.dll
2013-11-24 19:00:02 ----A---- C:\Windows\system32\iepeers.dll
2013-11-24 16:56:17 ----D---- C:\Program Files\CoreFTP
2013-11-23 18:22:54 ----D---- C:\Program Files\7-Zip
2013-11-14 18:53:11 ----D---- C:\Users\sabina\AppData\Roaming\AnvSoft
2013-11-14 18:52:52 ----D---- C:\Program Files (x86)\AnvSoft
2013-11-13 18:38:08 ----D---- C:\Users\sabina\AppData\Roaming\Apple Computer
2013-11-13 18:35:31 ----D---- C:\ProgramData\Apple Computer
2013-11-13 18:35:31 ----D---- C:\Program Files (x86)\QuickTime
2013-11-13 18:34:41 ----D---- C:\ProgramData\Apple
2013-11-13 18:18:49 ----D---- C:\Program Files (x86)\pazera-software
2013-11-12 21:35:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-12 21:35:32 ----A---- C:\Windows\system32\crypt32.dll
2013-11-12 21:35:30 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\authui.dll
2013-11-12 21:35:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\sspicli.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\lsass.exe
2013-11-12 21:35:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-12 21:35:23 ----A---- C:\Windows\system32\gdi32.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-04 15:47:21 ----D---- C:\Users\sabina\AppData\Roaming\CoreFTP
2013-11-04 15:47:07 ----D---- C:\Program Files (x86)\CoreFTP
2013-11-04 14:30:57 ----D---- C:\Users\sabina\AppData\Roaming\Mozilla
2013-11-04 14:30:07 ----D---- C:\ProgramData\Mozilla
2013-11-04 14:30:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-04 14:29:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-02 16:24:41 ----D---- C:\ProgramData\FLEXnet
2013-11-02 15:23:33 ----D---- C:\Program Files\Adobe
2013-11-02 15:16:16 ----D---- C:\Windows\SYSWOW64\spool
2013-11-02 15:15:20 ----D---- C:\Program Files (x86)\Adobe Media Player
2013-11-02 15:10:21 ----D---- C:\ProgramData\Adobe
2013-11-02 15:09:59 ----D---- C:\Program Files (x86)\Adobe
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-11-02 15:09:37 ----D---- C:\Program Files\Common Files\Adobe
2013-11-02 14:40:17 ----D---- C:\Users\sabina\AppData\Roaming\Notepad++
2013-11-02 14:40:04 ----D---- C:\Program Files (x86)\Notepad++
======List of files/folders modified in the last 3 months======
2014-02-01 13:49:41 ----D---- C:\Windows\Temp
2014-02-01 13:26:49 ----D---- C:\Windows\system32\config
2014-02-01 13:22:11 ----AD---- C:\ProgramData\TEMP
2014-02-01 13:22:09 ----D---- C:\Windows
2014-02-01 13:16:46 ----D---- C:\Windows\System32
2014-02-01 13:16:46 ----D---- C:\Windows\inf
2014-02-01 13:16:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-01 13:11:59 ----D---- C:\ProgramData\NVIDIA
2014-02-01 02:01:08 ----D---- C:\ProgramData\PMB Files
2014-02-01 00:24:15 ----SHD---- C:\Windows\Installer
2014-02-01 00:24:09 ----RD---- C:\Program Files (x86)
2014-02-01 00:24:09 ----D---- C:\Windows\Tasks
2014-02-01 00:24:09 ----D---- C:\Windows\SysWOW64
2014-02-01 00:24:00 ----SHD---- C:\System Volume Information
2014-02-01 00:21:29 ----RD---- C:\Program Files
2014-02-01 00:21:20 ----D---- C:\Windows\system32\drivers
2014-01-31 11:04:54 ----D---- C:\Users\sabina\AppData\Roaming\vlc
2014-01-29 20:17:43 ----D---- C:\Users\sabina\AppData\Roaming\uTorrent
2014-01-29 18:35:53 ----D---- C:\Users\sabina\AppData\Roaming\Winamp
2014-01-27 20:42:12 ----D---- C:\Windows\system32\LogFiles
2014-01-25 21:26:18 ----HD---- C:\ProgramData
2014-01-24 17:31:52 ----D---- C:\Program Files (x86)\Common Files
2014-01-24 17:30:54 ----D---- C:\Windows\winsxs
2014-01-24 15:17:56 ----D---- C:\412988f1bbf86413bac1
2014-01-19 21:27:00 ----D---- C:\Windows\system32\catroot2
2014-01-19 12:21:20 ----D---- C:\Program Files (x86)\Google
2014-01-19 01:01:43 ----D---- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-01-16 13:41:49 ----D---- C:\Windows\system32\DriverStore
2014-01-16 09:59:44 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-16 01:27:58 ----D---- C:\Windows\system32\catroot
2014-01-16 01:27:56 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 11:41:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-14 12:39:32 ----D---- C:\Program Files (x86)\epson
2014-01-13 18:11:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-13 18:08:26 ----D---- C:\Windows\twain_32
2014-01-09 08:37:01 ----RSD---- C:\Windows\assembly
2014-01-07 21:34:08 ----D---- C:\Program Files (x86)\Rockstar Games
2013-12-31 00:19:21 ----D---- C:\Users\sabina\AppData\Roaming\Adobe
2013-12-29 16:04:55 ----RSD---- C:\Windows\Fonts
2013-12-29 15:43:18 ----D---- C:\Program Files (x86)\uTorrent
2013-12-24 01:47:14 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2013-12-12 21:10:40 ----D---- C:\Windows\system32\NDF
2013-12-12 21:06:25 ----D---- C:\Program Files\Windows Media Player
2013-12-12 21:06:25 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 21:06:24 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-12 21:06:24 ----D---- C:\Windows\system32\sk-SK
2013-12-12 21:06:24 ----D---- C:\Program Files\Internet Explorer
2013-12-10 11:08:33 ----SHD---- C:\$Recycle.Bin
2013-12-06 10:05:54 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2013-12-01 01:35:13 ----D---- C:\Windows\Panther
2013-12-01 01:35:13 ----D---- C:\Windows\Logs
2013-12-01 01:00:03 ----D---- C:\ProgramData\Skype
2013-12-01 01:00:02 ----RD---- C:\Program Files (x86)\Skype
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\migration
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\system32\wbem
2013-11-24 21:59:20 ----D---- C:\Windows\system32\migration
2013-11-24 21:59:20 ----D---- C:\Windows\system32\en-US
2013-11-24 21:59:20 ----D---- C:\Windows\system32\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\PolicyDefinitions
2013-11-14 17:58:33 ----D---- C:\Program Files\Google
2013-11-14 17:52:31 ----D---- C:\Windows\SoftwareDistribution
2013-11-14 17:52:17 ----D---- C:\ProgramData\Google
2013-11-04 23:44:42 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-11-04 14:42:48 ----SD---- C:\ProgramData\Microsoft
2013-11-02 16:24:46 ----D---- C:\Users\sabina\AppData\Roaming\NVIDIA
2013-11-02 15:17:49 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-24 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-24 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-24 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-24 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-24 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-17 283064]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-24 78648]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-24 79672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-10-23 77144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-02 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-02 655624]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1255736]
-----------------EOF-----------------
Run by sabina at 2014-02-01 13:49:32
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 797 GB (84%) free of 954 GB
Total RAM: 8183 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:41, on 1. 2. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\sabina.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8272 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2628.0.1758435512\1523389503" --disable-image-transport-surface --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,13,23,28 --gpu-vendor-id=0x10de --gpu-device-id=0x0f00 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2628.5.1563957860\444881740" /prefetch:673131151
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll" --lang=sk --channel="2628.6.1487797871\1781045116" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/AutomaticProfileReset/Enabled4/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Default/DeferBackgroundExtensionCreation/RateLimited/EmbeddedSearch/Group6 pct:10f stable:pp1 use_cacheable_ntp:1 espv:210 suppress_on_srp:1/ManagedModeLaunch/Active/OmniboxBundledExperimentV1/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_04/UMA-Uniformity-Trial-1-Percent/group_97/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_14/UMA-Uniformity-Trial-50-Percent/group_01/" --enable-threaded-compositing --enable-delegated-renderer --enable-deadline-scheduling --renderer-print-preview --disable-html-notifications --enable-software-compositing --channel="2628.21.1889060918\1666839657" /prefetch:673131151
"C:\Users\sabina\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\avast! Emergency Update.job
=========Mozilla firefox=========
ProfilePath - C:\Users\sabina\AppData\Roaming\Mozilla\Firefox\Profiles\n04xg997.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.7]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.43 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-24 1372864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-24 1138536]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-10-23 1137784]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Printsrv"=c:\Windows\System32\Printing_Admin_Scripts\en-US\pubpr.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-05-04 630912]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-01-24 3764024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 3 months======
2014-01-28 22:30:54 ----D---- C:\Program Files (x86)\trend micro
2014-01-28 17:52:01 ----D---- C:\_OTL
2014-01-25 21:26:24 ----D---- C:\Users\sabina\AppData\Roaming\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\ProgramData\Malwarebytes
2014-01-25 21:26:18 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-25 21:26:18 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-01-25 19:28:24 ----D---- C:\rsit
2014-01-25 19:28:24 ----D---- C:\Program Files\trend micro
2014-01-24 17:39:38 ----A---- C:\Windows\system32\drivers\PCTBD64.sys
2014-01-24 17:39:34 ----A---- C:\Windows\BDTSupport.dll
2014-01-24 17:39:33 ----A---- C:\Windows\SGDetectionTool.dll
2014-01-24 17:39:32 ----A---- C:\Windows\PCTBDCore.dll
2014-01-24 17:39:31 ----A---- C:\Windows\PCTBDRes.dll
2014-01-24 17:37:28 ----D---- C:\Program Files (x86)\PC Tools
2014-01-24 17:32:14 ----A---- C:\Windows\system32\drivers\Cat.DB
2014-01-24 17:31:55 ----A---- C:\Windows\system32\drivers\PCTSD64.sys
2014-01-24 17:31:25 ----D---- C:\Users\sabina\AppData\Roaming\AVAST Software
2014-01-24 17:31:02 ----D---- C:\ProgramData\PC Tools
2014-01-24 17:30:59 ----D---- C:\Users\sabina\AppData\Roaming\TestApp
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-01-24 17:30:58 ----A---- C:\Windows\system32\drivers\aswstm.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-01-24 17:30:56 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-01-24 17:30:55 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-01-24 17:30:53 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-24 17:30:45 ----A---- C:\Windows\avastSS.scr
2014-01-24 17:30:09 ----D---- C:\Program Files\AVAST Software
2014-01-24 17:29:35 ----D---- C:\ProgramData\AVAST Software
2014-01-24 17:25:46 ----D---- C:\Program Files (x86)\Company
2014-01-20 21:54:36 ----D---- C:\Users\sabina\AppData\Roaming\Origin
2014-01-20 21:53:06 ----D---- C:\ProgramData\Origin
2014-01-20 19:33:55 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-01-16 00:09:46 ----D---- C:\Program Files (x86)\HTC
2014-01-16 00:09:16 ----D---- C:\ProgramData\HTC
2014-01-16 00:09:15 ----D---- C:\Temp
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbport.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbohci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbhub.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbehci.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbd.sys
2014-01-15 11:45:20 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2014-01-15 11:45:19 ----A---- C:\Windows\system32\win32k.sys
2014-01-15 11:45:18 ----A---- C:\Windows\system32\drivers\netio.sys
2014-01-13 17:46:33 ----D---- C:\Program Files (x86)\Hewlett-Packard
2014-01-13 17:46:31 ----D---- C:\ProgramData\Visan
2014-01-13 17:46:31 ----D---- C:\ProgramData\HP Photo Creations
2014-01-13 17:46:31 ----D---- C:\Program Files (x86)\HP Photo Creations
2014-01-13 17:46:04 ----D---- C:\Users\sabina\AppData\Roaming\HpUpdate
2014-01-13 17:45:52 ----N---- C:\Windows\system32\HPDiscoPMC211.dll
2014-01-13 17:45:00 ----D---- C:\ProgramData\HP
2014-01-13 17:44:55 ----D---- C:\Program Files (x86)\HP
2014-01-13 17:44:02 ----D---- C:\Program Files\HP
2014-01-13 17:43:58 ----A---- C:\ProgramData\Ament.ini
2014-01-09 15:54:45 ----D---- C:\Program Files (x86)\R.G. Catalyst
2014-01-09 08:19:02 ----D---- C:\Program Files (x86)\Electronic Arts
2014-01-09 08:18:58 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2014-01-09 08:18:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2014-01-09 08:18:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\xactengine2_9.dll
2014-01-09 08:18:55 ----A---- C:\Windows\system32\d3dx9_36.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\d3dx10_35.dll
2014-01-09 08:18:54 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2014-01-09 08:18:53 ----A---- C:\Windows\system32\d3dx9_35.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\xactengine2_8.dll
2014-01-09 08:18:51 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\d3dx10_34.dll
2014-01-09 08:18:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2014-01-09 08:18:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2014-01-09 08:18:48 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-01-09 08:18:48 ----A---- C:\Windows\system32\xinput1_3.dll
2014-01-09 08:18:47 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2014-01-09 08:18:47 ----A---- C:\Windows\system32\xactengine2_7.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\d3dx10_33.dll
2014-01-09 08:18:46 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2014-01-09 08:18:45 ----A---- C:\Windows\system32\d3dx9_33.dll
2014-01-09 08:18:44 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2014-01-09 08:18:44 ----A---- C:\Windows\system32\xactengine2_6.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\xactengine2_5.dll
2014-01-09 08:18:43 ----A---- C:\Windows\system32\d3dx10.dll
2014-01-09 08:18:42 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2014-01-09 08:18:42 ----A---- C:\Windows\system32\d3dx9_32.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\xactengine2_4.dll
2014-01-09 08:18:41 ----A---- C:\Windows\system32\x3daudio1_1.dll
2014-01-09 08:18:40 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2014-01-09 08:18:40 ----A---- C:\Windows\system32\d3dx9_31.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xinput1_2.dll
2014-01-09 08:18:39 ----A---- C:\Windows\system32\xactengine2_3.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xinput1_1.dll
2014-01-09 08:18:38 ----A---- C:\Windows\system32\xactengine2_2.dll
2014-01-09 08:18:37 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2014-01-09 08:18:37 ----A---- C:\Windows\system32\xactengine2_1.dll
2014-01-09 08:18:29 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2014-01-09 08:18:29 ----A---- C:\Windows\system32\d3dx9_30.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2014-01-09 08:18:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2014-01-09 08:18:27 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2014-01-09 08:18:27 ----A---- C:\Windows\system32\d3dx9_29.dll
2014-01-09 08:18:26 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2014-01-09 08:18:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2014-01-09 08:18:25 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2014-01-09 08:18:25 ----A---- C:\Windows\system32\d3dx9_27.dll
2014-01-09 08:18:24 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2014-01-09 08:18:24 ----A---- C:\Windows\system32\d3dx9_26.dll
2014-01-09 08:18:23 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2014-01-09 08:18:23 ----A---- C:\Windows\system32\d3dx9_25.dll
2014-01-09 08:18:22 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2014-01-09 08:18:22 ----A---- C:\Windows\system32\d3dx9_24.dll
2014-01-03 00:45:36 ----D---- C:\Program Files (x86)\Skillbrains
2013-12-30 17:03:17 ----D---- C:\Program Files (x86)\MSXML 4.0
2013-12-29 16:04:48 ----D---- C:\Windows\Watson
2013-12-29 16:04:48 ----D---- C:\Program Files (x86)\Microsoft Games
2013-12-23 19:55:45 ----D---- C:\Program Files (x86)\Mio
2013-12-14 23:46:16 ----D---- C:\Program Files (x86)\EA GAMES
2013-12-14 23:46:15 ----RA---- C:\Windows\SYSWOW64\vp6vfw.dll
2013-12-12 19:46:43 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-12 19:46:42 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-12 19:46:40 ----A---- C:\Windows\system32\wmp.dll
2013-12-12 19:44:59 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-12 19:44:58 ----A---- C:\Windows\system32\ieui.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iesetup.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\iernonce.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-12 19:44:57 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\mshtml.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-12 19:44:56 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-12 19:44:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-12 19:44:55 ----A---- C:\Windows\system32\iertutil.dll
2013-12-12 19:44:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\wininet.dll
2013-12-12 19:44:54 ----A---- C:\Windows\system32\urlmon.dll
2013-12-12 19:44:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 19:44:53 ----A---- C:\Windows\system32\ieframe.dll
2013-12-12 19:44:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-12 19:44:51 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-12 19:44:51 ----A---- C:\Windows\system32\jscript9.dll
2013-12-12 19:17:01 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-12 19:17:01 ----A---- C:\Windows\system32\msieftp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-12 19:17:00 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 19:16:58 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-12 19:16:58 ----A---- C:\Windows\system32\tzres.dll
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 19:16:55 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 19:16:54 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 19:16:54 ----A---- C:\Windows\system32\cscript.exe
2013-12-01 01:33:29 ----D---- C:\ProgramData\LogMeIn
2013-11-24 19:03:56 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-11-24 19:00:13 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-11-24 19:00:13 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\url.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-11-24 19:00:10 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-11-24 19:00:10 ----A---- C:\Windows\system32\elshyph.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-11-24 19:00:09 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-11-24 19:00:08 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msrating.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msls31.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedssync.exe
2013-11-24 19:00:08 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\jsIntl.dll
2013-11-24 19:00:08 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\wextract.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\webcheck.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\vbscript.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\url.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmler.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\mshtmled.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\msfeeds.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\licmgr10.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\inseng.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iexpress.exe
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iesysprep.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\iedkcs32.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\ieapfltr.dat
2013-11-24 19:00:07 ----A---- C:\Windows\system32\icardie.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtrans.dll
2013-11-24 19:00:07 ----A---- C:\Windows\system32\dxtmsft.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\pngfilt.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\occache.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\mshta.exe
2013-11-24 19:00:06 ----A---- C:\Windows\system32\jscript.dll
2013-11-24 19:00:06 ----A---- C:\Windows\system32\imgutil.dll
2013-11-24 19:00:02 ----A---- C:\Windows\system32\iepeers.dll
2013-11-24 16:56:17 ----D---- C:\Program Files\CoreFTP
2013-11-23 18:22:54 ----D---- C:\Program Files\7-Zip
2013-11-14 18:53:11 ----D---- C:\Users\sabina\AppData\Roaming\AnvSoft
2013-11-14 18:52:52 ----D---- C:\Program Files (x86)\AnvSoft
2013-11-13 18:38:08 ----D---- C:\Users\sabina\AppData\Roaming\Apple Computer
2013-11-13 18:35:31 ----D---- C:\ProgramData\Apple Computer
2013-11-13 18:35:31 ----D---- C:\Program Files (x86)\QuickTime
2013-11-13 18:34:41 ----D---- C:\ProgramData\Apple
2013-11-13 18:18:49 ----D---- C:\Program Files (x86)\pazera-software
2013-11-12 21:35:32 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-11-12 21:35:32 ----A---- C:\Windows\system32\crypt32.dll
2013-11-12 21:35:30 ----A---- C:\Windows\system32\drivers\afd.sys
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\SYSWOW64\authui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\credui.dll
2013-11-12 21:35:29 ----A---- C:\Windows\system32\authui.dll
2013-11-12 21:35:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\sspicli.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\schannel.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\lsasrv.dll
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-11-12 21:35:25 ----A---- C:\Windows\system32\drivers\cng.sys
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\sspisrv.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\secur32.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\ncrypt.dll
2013-11-12 21:35:24 ----A---- C:\Windows\system32\lsass.exe
2013-11-12 21:35:23 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2013-11-12 21:35:23 ----A---- C:\Windows\system32\gdi32.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\SYSWOW64\FWPUCLNT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\nshwfp.dll
2013-11-12 21:35:22 ----A---- C:\Windows\system32\IKEEXT.DLL
2013-11-12 21:35:22 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2013-11-04 15:47:21 ----D---- C:\Users\sabina\AppData\Roaming\CoreFTP
2013-11-04 15:47:07 ----D---- C:\Program Files (x86)\CoreFTP
2013-11-04 14:30:57 ----D---- C:\Users\sabina\AppData\Roaming\Mozilla
2013-11-04 14:30:07 ----D---- C:\ProgramData\Mozilla
2013-11-04 14:30:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-04 14:29:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-11-02 16:24:41 ----D---- C:\ProgramData\FLEXnet
2013-11-02 15:23:33 ----D---- C:\Program Files\Adobe
2013-11-02 15:16:16 ----D---- C:\Windows\SYSWOW64\spool
2013-11-02 15:15:20 ----D---- C:\Program Files (x86)\Adobe Media Player
2013-11-02 15:10:21 ----D---- C:\ProgramData\Adobe
2013-11-02 15:09:59 ----D---- C:\Program Files (x86)\Adobe
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files\Macrovision Shared
2013-11-02 15:09:37 ----D---- C:\Program Files\Common Files\Adobe
2013-11-02 14:40:17 ----D---- C:\Users\sabina\AppData\Roaming\Notepad++
2013-11-02 14:40:04 ----D---- C:\Program Files (x86)\Notepad++
======List of files/folders modified in the last 3 months======
2014-02-01 13:49:41 ----D---- C:\Windows\Temp
2014-02-01 13:26:49 ----D---- C:\Windows\system32\config
2014-02-01 13:22:11 ----AD---- C:\ProgramData\TEMP
2014-02-01 13:22:09 ----D---- C:\Windows
2014-02-01 13:16:46 ----D---- C:\Windows\System32
2014-02-01 13:16:46 ----D---- C:\Windows\inf
2014-02-01 13:16:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-01 13:11:59 ----D---- C:\ProgramData\NVIDIA
2014-02-01 02:01:08 ----D---- C:\ProgramData\PMB Files
2014-02-01 00:24:15 ----SHD---- C:\Windows\Installer
2014-02-01 00:24:09 ----RD---- C:\Program Files (x86)
2014-02-01 00:24:09 ----D---- C:\Windows\Tasks
2014-02-01 00:24:09 ----D---- C:\Windows\SysWOW64
2014-02-01 00:24:00 ----SHD---- C:\System Volume Information
2014-02-01 00:21:29 ----RD---- C:\Program Files
2014-02-01 00:21:20 ----D---- C:\Windows\system32\drivers
2014-01-31 11:04:54 ----D---- C:\Users\sabina\AppData\Roaming\vlc
2014-01-29 20:17:43 ----D---- C:\Users\sabina\AppData\Roaming\uTorrent
2014-01-29 18:35:53 ----D---- C:\Users\sabina\AppData\Roaming\Winamp
2014-01-27 20:42:12 ----D---- C:\Windows\system32\LogFiles
2014-01-25 21:26:18 ----HD---- C:\ProgramData
2014-01-24 17:31:52 ----D---- C:\Program Files (x86)\Common Files
2014-01-24 17:30:54 ----D---- C:\Windows\winsxs
2014-01-24 15:17:56 ----D---- C:\412988f1bbf86413bac1
2014-01-19 21:27:00 ----D---- C:\Windows\system32\catroot2
2014-01-19 12:21:20 ----D---- C:\Program Files (x86)\Google
2014-01-19 01:01:43 ----D---- C:\Users\sabina\AppData\Roaming\DAEMON Tools Lite
2014-01-16 13:41:49 ----D---- C:\Windows\system32\DriverStore
2014-01-16 09:59:44 ----N---- C:\Windows\system32\MpSigStub.exe
2014-01-16 01:27:58 ----D---- C:\Windows\system32\catroot
2014-01-16 01:27:56 ----D---- C:\ProgramData\Microsoft Help
2014-01-15 11:41:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-01-14 12:39:32 ----D---- C:\Program Files (x86)\epson
2014-01-13 18:11:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-01-13 18:08:26 ----D---- C:\Windows\twain_32
2014-01-09 08:37:01 ----RSD---- C:\Windows\assembly
2014-01-07 21:34:08 ----D---- C:\Program Files (x86)\Rockstar Games
2013-12-31 00:19:21 ----D---- C:\Users\sabina\AppData\Roaming\Adobe
2013-12-29 16:04:55 ----RSD---- C:\Windows\Fonts
2013-12-29 15:43:18 ----D---- C:\Program Files (x86)\uTorrent
2013-12-24 01:47:14 ----D---- C:\Users\sabina\AppData\Roaming\Skype
2013-12-12 21:10:40 ----D---- C:\Windows\system32\NDF
2013-12-12 21:06:25 ----D---- C:\Program Files\Windows Media Player
2013-12-12 21:06:25 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-12 21:06:24 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-12-12 21:06:24 ----D---- C:\Windows\system32\sk-SK
2013-12-12 21:06:24 ----D---- C:\Program Files\Internet Explorer
2013-12-10 11:08:33 ----SHD---- C:\$Recycle.Bin
2013-12-06 10:05:54 ----SD---- C:\Users\sabina\AppData\Roaming\Microsoft
2013-12-01 01:35:13 ----D---- C:\Windows\Panther
2013-12-01 01:35:13 ----D---- C:\Windows\Logs
2013-12-01 01:00:03 ----D---- C:\ProgramData\Skype
2013-12-01 01:00:02 ----RD---- C:\Program Files (x86)\Skype
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\wbem
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\migration
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\en-US
2013-11-24 21:59:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\system32\wbem
2013-11-24 21:59:20 ----D---- C:\Windows\system32\migration
2013-11-24 21:59:20 ----D---- C:\Windows\system32\en-US
2013-11-24 21:59:20 ----D---- C:\Windows\system32\cs-CZ
2013-11-24 21:59:20 ----D---- C:\Windows\PolicyDefinitions
2013-11-14 17:58:33 ----D---- C:\Program Files\Google
2013-11-14 17:52:31 ----D---- C:\Windows\SoftwareDistribution
2013-11-14 17:52:17 ----D---- C:\ProgramData\Google
2013-11-04 23:44:42 ----D---- C:\Windows\SYSWOW64\LogFiles
2013-11-04 14:42:48 ----SD---- C:\ProgramData\Microsoft
2013-11-02 16:24:46 ----D---- C:\Users\sabina\AppData\Roaming\NVIDIA
2013-11-02 15:17:49 ----D---- C:\Windows\SYSWOW64\drivers
2013-11-02 15:09:38 ----D---- C:\Program Files\Common Files
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-01-24 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-01-24 207904]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-01-24 92544]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-01-24 1034464]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-24 422216]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-10-17 283064]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 AODDriver4.1;AODDriver4.1; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-11-13 55936]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-01-24 78648]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-01-24 79672]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-04-18 188736]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2012-01-13 56448]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-10-23 77144]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-05-04 361984]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-01-24 50344]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-10-23 580728]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-11-02 1038088]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2013-11-02 655624]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-26 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-26 1255736]
-----------------EOF-----------------
-
sabrina.sms
- Návštěvník
- Příspěvky: 21
- Registrován: 25 led 2014 18:53
Re: Spomalený internet,YT videa nefungujú atď.
Log z toho programu nejde vytvoriť lebo som tam nemala žiadnu hrozbu
Re: Spomalený internet,YT videa nefungujú atď.
1) Otevrte Poznamkovy blok (pokud ho nemate na plose, tak kliknete na Start, pak programy a prislusenstvi)2) Zkopirujte do nej ten zeleny text
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Printsrv"=-
4) Kliknete na napis Ulozit jako...
5) Napiste spravne ten cerveny nazev oprava.reg a pak vyberte u moznosti Ulozit jako typ : Vsechny soubory
6) Ulozte, nejlepe na plochu
7) Na to, co jste prave ulozil/a, 2x kliknete, ono se to spusti a vy to jen potvrdte
8) Pak ten soubor muzete smazat
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.
Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustteKliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat
Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
Defragmentujte disk(y)Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.27.2. pro neaktivitu
http://forum.viry.cz/viewtopic.php?f=12&t=123975Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?
