Windows 7 se zasekne při startu

[Márty84]

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Folder::
c:\programdata\McAfee

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
"Skype"=-
"Sony PC Companion"=-
"GoogleDriveSync"=-
"uTorrent"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"HP Software Update"=-

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Driver::
BBSvc
SkypeUpdate
BBUpdate

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

[NoddyCzech]

Hotovo, přídávám log:
ComboFix 14-06-13.01 - NoddyCzech 16.06.2014 6:56.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.16346.13542 [GMT 2:00]
Spuštěný z: c:\users\NoddyCzech\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\NoddyCzech\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\McAfee
c:\programdata\McAfee\MCLOGS\McUICnt\McUicnt\McUicnt000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\McCHSvc\McCHSvc000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\McUicnt\McUicnt000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\SecurityScan_Release\SecurityScan_Release000.log
c:\programdata\McAfee\MCLOGS\PartnerCustom\SSScheduler\SSScheduler000.log
c:\programdata\McAfee\MCLOGS\SecurityScanner\McUicnt\McUicnt000.log
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\_ctypes.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\_elementtree.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\_hashlib.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\_multiprocessing.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\_socket.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\_ssl.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\pyexpat.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\pysqlite2._sqlite.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\python27.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\pythoncom27.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\PyWinTypes27.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\select.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\unicodedata.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32api.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32com.shell.shell.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32crypt.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32event.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32file.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32gui.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32inet.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32pdh.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32pipe.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32process.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32profile.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32security.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\win32ts.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\windows._lib_cacheinvalidation.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._animate.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._controls_.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._core_.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._gdi_.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._html2.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._misc_.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._windows_.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wx._wizard.pyd
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wxbase294u_net_vc90.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wxbase294u_vc90.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wxmsw294u_adv_vc90.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wxmsw294u_core_vc90.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wxmsw294u_html_vc90.dll
c:\users\NODDYC~1\AppData\Local\Temp\_MEI32042\wxmsw294u_webview_vc90.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\_ctypes.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\_elementtree.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\_hashlib.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\_multiprocessing.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\_socket.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\_ssl.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\pyexpat.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\pysqlite2._sqlite.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\python27.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\pythoncom27.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\PyWinTypes27.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\select.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\unicodedata.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32api.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32com.shell.shell.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32crypt.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32event.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32file.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32gui.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32inet.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32pdh.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32pipe.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32process.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32profile.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32security.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\win32ts.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\windows._lib_cacheinvalidation.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._animate.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._controls_.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._core_.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._gdi_.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._html2.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._misc_.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._windows_.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wx._wizard.pyd
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wxbase294u_net_vc90.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wxbase294u_vc90.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wxmsw294u_adv_vc90.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wxmsw294u_core_vc90.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wxmsw294u_html_vc90.dll
c:\users\NoddyCzech\AppData\Local\Temp\_MEI32042\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BBSvc
-------\Service_BBUpdate
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-16 do 2014-06-16 )))))))))))))))))))))))))))))))
.
.
2014-06-16 05:02 . 2014-06-16 05:02 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2014-06-16 05:02 . 2014-06-16 05:02 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-06-16 05:02 . 2014-06-16 05:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-15 13:37 . 2014-06-15 13:37 -------- d-----w- c:\programdata\RogueKiller
2014-06-15 11:55 . 2014-06-15 11:55 -------- d-----w- c:\users\NoddyCzech\AppData\Roaming\Malwarebytes
2014-06-15 11:55 . 2014-06-15 11:55 -------- d-----w- c:\programdata\Malwarebytes
2014-06-15 07:47 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-15 07:47 . 2014-06-15 07:48 -------- d-----w- C:\AdwCleaner
2014-06-15 07:32 . 2014-06-15 07:32 -------- d-----w- C:\rsit
2014-06-15 07:32 . 2014-06-15 07:32 -------- d-----w- c:\program files\trend micro
2014-06-15 07:01 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15B75D1B-F4FE-4987-ADB4-BB8AFD7B5407}\mpengine.dll
2014-06-14 19:30 . 2014-06-14 19:30 -------- d-----w- c:\program files\Avatron
2014-06-13 19:56 . 2014-06-13 23:02 -------- d-----w- c:\users\NoddyCzech\AppData\Roaming\Apple Computer
2014-06-13 19:56 . 2014-06-13 19:56 -------- d-----w- c:\users\NoddyCzech\AppData\Local\Apple Computer
2014-06-13 19:56 . 2014-06-13 19:56 -------- dc----w- c:\windows\system32\DRVSTORE
2014-06-13 19:56 . 2012-08-21 11:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2014-06-13 19:55 . 2014-06-13 19:56 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-13 19:55 . 2014-06-13 19:56 -------- d-----w- c:\program files\iTunes
2014-06-13 19:55 . 2014-06-13 19:56 -------- d-----w- c:\program files (x86)\iTunes
2014-06-13 19:55 . 2014-06-13 19:55 -------- d-----w- c:\programdata\Apple Computer
2014-06-13 19:55 . 2014-06-13 19:55 -------- d-----w- c:\program files\iPod
2014-06-13 19:55 . 2014-06-13 19:55 -------- d-----w- c:\users\NoddyCzech\AppData\Local\Apple
2014-06-13 19:55 . 2014-06-13 19:55 -------- d-----w- c:\program files (x86)\Apple Software Update
2014-06-13 19:54 . 2014-06-13 19:54 -------- d-----w- c:\program files\Common Files\Apple
2014-06-13 19:54 . 2014-06-13 19:54 -------- d-----w- c:\program files\Bonjour
2014-06-13 19:54 . 2014-06-13 19:54 -------- d-----w- c:\program files (x86)\Bonjour
2014-06-13 19:54 . 2014-06-13 19:55 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-06-13 19:54 . 2014-06-13 19:55 -------- d-----w- c:\programdata\Apple
2014-06-13 19:43 . 2014-05-01 19:24 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3DFF8C76-F23F-4938-A0CC-16DDD9CF28A3}\gapaengine.dll
2014-06-13 19:43 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-12 11:50 . 2014-06-12 11:50 -------- d-----w- c:\programdata\Sony Mobile
2014-06-11 14:22 . 2014-06-11 14:22 -------- d-----w- c:\users\NoddyCzech\AppData\Local\ESN
2014-06-11 14:22 . 2014-06-11 14:22 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-06-11 12:51 . 2014-06-11 13:34 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2014-06-11 05:01 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 05:01 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-10 17:08 . 2014-06-10 17:08 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2014-06-10 17:08 . 2014-06-10 17:08 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2014-06-10 17:07 . 2014-06-12 11:50 -------- d-----w- c:\program files (x86)\Sony Mobile
2014-06-09 19:59 . 2014-06-09 20:03 -------- d-----w- c:\users\NoddyCzech\AppData\Local\Origin
2014-06-09 19:56 . 2014-06-11 14:22 -------- d-----w- c:\programdata\Electronic Arts
2014-06-09 19:56 . 2014-06-13 13:58 -------- d-----w- c:\program files (x86)\Origin
2014-06-08 16:48 . 2014-06-08 16:48 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2014-06-08 16:48 . 2014-06-08 16:48 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-06-08 16:46 . 2014-06-08 16:46 -------- d-sh--w- c:\users\NoddyCzech\AppData\Local\EmieUserList
2014-06-08 16:46 . 2014-06-08 16:46 -------- d-sh--w- c:\users\NoddyCzech\AppData\Local\EmieSiteList
2014-06-06 05:42 . 2014-06-06 05:42 -------- d-----w- c:\program files\Microsoft.NET
2014-06-05 15:33 . 2014-06-05 15:33 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-06-05 15:28 . 2014-06-05 15:28 -------- d-----w- c:\program files\Common Files\DESIGNER
2014-06-05 15:28 . 2014-06-05 15:28 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2014-06-05 15:27 . 2014-06-05 15:27 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-06-05 15:27 . 2014-06-05 15:28 -------- d-----w- c:\program files\Microsoft SQL Server
2014-06-05 15:27 . 2014-06-05 15:27 -------- d-----w- c:\windows\PCHEALTH
2014-06-05 15:25 . 2014-06-05 15:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2014-06-05 15:25 . 2014-06-05 15:25 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-06-05 15:25 . 2014-06-05 15:27 -------- d-----w- c:\program files\Microsoft Office
2014-06-05 15:24 . 2014-06-05 15:24 -------- d-----r- C:\MSOCache
2014-06-04 11:17 . 2014-06-04 11:33 -------- d-----w- c:\program files (x86)\WATCH_DOGS
2014-06-03 14:25 . 2014-06-03 14:25 -------- d-----w- c:\users\NoddyCzech\AppData\Roaming\Mirror's Edge
2014-06-03 14:18 . 2014-06-03 14:18 -------- d-----w- c:\program files (x86)\R.G. Mechanics
2014-06-03 14:14 . 2014-06-03 14:14 -------- d-----w- c:\users\NoddyCzech\AppData\Local\Macromedia
2014-06-03 05:02 . 2014-06-03 05:02 -------- d-----w- C:\found.000
2014-05-31 12:33 . 2014-05-31 12:33 -------- d-----w- C:\Games
2014-05-30 18:02 . 2014-05-30 18:02 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-30 18:02 . 2014-05-30 18:02 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-30 18:02 . 2014-05-30 18:02 -------- d-----w- c:\windows\SysWow64\Macromed
2014-05-30 18:02 . 2014-05-30 18:02 -------- d-----w- c:\windows\system32\Macromed
2014-05-29 11:49 . 2014-06-10 13:16 -------- d-----w- c:\program files (x86)\Origin Games
2014-05-29 11:49 . 2014-06-09 19:59 -------- d-----w- c:\users\NoddyCzech\AppData\Roaming\Origin
2014-05-29 11:47 . 2014-06-13 13:59 -------- d-----w- c:\programdata\Origin
2014-05-27 10:12 . 2014-05-27 11:08 -------- d-----w- c:\users\NoddyCzech\AppData\Local\NVIDIA
2014-05-27 10:12 . 2014-05-27 10:21 -------- d-----w- c:\users\NoddyCzech\AppData\Local\NVIDIA Corporation
2014-05-27 10:12 . 2014-04-30 18:27 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-27 10:12 . 2014-04-30 18:26 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-05-27 10:12 . 2014-05-27 10:12 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-05-27 10:11 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-27 09:46 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-27 09:46 . 2014-03-31 16:42 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-05-27 09:46 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-27 09:45 . 2014-05-27 09:45 -------- d-----w- C:\NVIDIA
2014-05-24 20:30 . 2014-05-24 20:35 -------- d-----w- c:\users\NoddyCzech\Heaven
2014-05-24 20:14 . 2014-05-24 20:14 -------- d-----w- c:\program files (x86)\Unigine
2014-05-24 20:09 . 2014-05-24 20:09 -------- d-----w- c:\program files (x86)\GPU-Z
2014-05-24 20:04 . 2014-05-24 20:05 -------- d-----w- c:\program files (x86)\MSI Afterburner
2014-05-24 17:55 . 2014-06-15 11:57 -------- d-----w- c:\users\NoddyCzech\AppData\Local\CrashDumps
2014-05-24 16:48 . 2014-05-24 16:48 -------- d-----w- c:\users\NoddyCzech\AppData\Roaming\GRID Workspace
2014-05-23 20:49 . 2014-05-23 20:51 -------- d-----w- c:\users\NoddyCzech\AppData\Local\Ubisoft Game Launcher
2014-05-23 11:20 . 2014-05-23 11:20 -------- d-----w- c:\users\NoddyCzech\AppData\Local\The Witcher 2
2014-05-21 18:38 . 2014-05-21 18:38 -------- d-----w- c:\users\NoddyCzech\AppData\Roaming\OnLive App
2014-05-21 18:37 . 2014-05-21 18:39 -------- d-----w- c:\program files (x86)\OnLive
2014-05-21 09:14 . 2014-06-06 16:38 -------- d-----w- C:\Fraps
2014-05-21 06:19 . 2014-05-21 06:19 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-16 05:05 . 2014-06-16 05:05 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15B75D1B-F4FE-4987-ADB4-BB8AFD7B5407}\offreg.dll
2014-06-16 04:50 . 2014-03-21 18:51 30528 ----a-w- c:\windows\GVTDrv64.sys
2014-06-16 04:50 . 2014-03-21 18:51 25640 ----a-w- c:\windows\gdrv.sys
2014-06-11 20:01 . 2014-03-24 06:23 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-11 13:34 . 2014-03-27 05:56 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-06-11 13:34 . 2014-03-27 05:56 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-11 13:34 . 2014-03-27 05:56 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-05-20 02:44 . 2014-03-21 18:49 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2014-03-21 18:49 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2014-03-21 18:48 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2014-03-21 18:48 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2014-03-21 18:48 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2014-03-21 18:48 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2014-03-21 18:48 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 01:25 . 2014-03-21 18:49 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-03-21 18:49 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-03-21 18:49 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-03-21 18:49 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-03-21 18:49 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2014-03-21 18:49 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-14 23:49 . 2014-03-21 18:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-04 16:21 . 2014-05-04 16:21 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-05-04 16:21 . 2014-05-04 16:21 313256 ----a-w- c:\windows\system32\javaws.exe
2014-05-04 16:21 . 2014-05-04 16:21 189352 ----a-w- c:\windows\system32\javaw.exe
2014-05-04 16:21 . 2014-05-04 16:21 189352 ----a-w- c:\windows\system32\java.exe
2014-05-01 19:24 . 2014-05-01 19:24 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-27 09:18 . 2014-04-27 09:07 925184 ----a-w- c:\windows\expstart.exe
2014-04-24 05:09 . 2014-04-24 05:09 15823872 ----a-w- c:\users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2014-04-24 05:08 . 2014-04-24 05:08 786492 ----a-w- c:\users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2014-04-24 05:08 . 2014-04-24 05:08 107008 ----a-w- c:\users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2014-04-17 07:56 . 2014-03-26 15:33 291760 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-04-17 03:31 . 2014-04-22 05:09 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AAA966AF-5B3A-4AB4-ABAF-26017DE9DCBA}\mpengine.dll
2014-04-14 18:13 . 2014-04-21 05:57 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-14 04:50 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-14 04:50 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-14 04:50 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-14 04:50 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-14 04:50 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-14 04:50 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-14 04:50 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-14 04:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-14 04:50 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-26 12:53 . 2014-03-26 12:53 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-03-25 02:43 . 2014-05-14 04:50 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-03-22 10:57 . 2014-03-22 10:57 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-03-22 10:57 . 2014-03-22 10:57 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-03-22 10:57 . 2014-03-22 10:57 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-22 10:57 . 2014-03-22 10:57 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-22 10:57 . 2014-03-22 10:57 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-03-22 10:57 . 2014-03-22 10:57 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-03-22 10:57 . 2014-03-22 10:57 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-03-22 10:57 . 2014-03-22 10:57 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-03-22 10:57 . 2014-03-22 10:57 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-03-22 10:57 . 2014-03-22 10:57 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-03-22 10:57 . 2014-03-22 10:57 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-03-22 10:57 . 2014-03-22 10:57 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-03-22 10:57 . 2014-03-22 10:57 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-03-22 10:57 . 2014-03-22 10:57 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-03-22 10:57 . 2014-03-22 10:57 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-03-22 10:57 . 2014-03-22 10:57 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-03-22 10:57 . 2014-03-22 10:57 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-03-22 10:57 . 2014-03-22 10:57 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-03-22 10:57 . 2014-03-22 10:57 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-03-22 10:57 . 2014-03-22 10:57 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-03-22 10:57 . 2014-03-22 10:57 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-03-22 10:57 . 2014-03-22 10:57 247808 ----a-w- c:\windows\system32\msls31.dll
2014-03-22 10:57 . 2014-03-22 10:57 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-03-22 10:57 . 2014-03-22 10:57 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-03-22 10:57 . 2014-03-22 10:57 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-03-22 10:57 . 2014-03-22 10:57 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-03-22 10:57 . 2014-03-22 10:57 413696 ----a-w- c:\windows\system32\html.iec
2014-03-22 10:57 . 2014-03-22 10:57 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-03-22 10:57 . 2014-03-22 10:57 81408 ----a-w- c:\windows\system32\icardie.dll
2014-03-22 10:57 . 2014-03-22 10:57 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-03-22 10:57 . 2014-03-22 10:57 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-03-22 10:57 . 2014-03-22 10:57 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-03-22 10:57 . 2014-03-22 10:57 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-03-22 10:57 . 2014-03-22 10:57 235520 ----a-w- c:\windows\system32\url.dll
2014-03-22 10:57 . 2014-03-22 10:57 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-03-22 10:57 . 2014-03-22 10:57 143872 ----a-w- c:\windows\system32\wextract.exe
2014-03-22 10:57 . 2014-03-22 10:57 101376 ----a-w- c:\windows\system32\inseng.dll
2014-03-22 10:56 . 2014-03-22 10:56 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-03-22 10:56 . 2014-03-22 10:56 774144 ----a-w- c:\windows\system32\jscript.dll
2014-03-22 10:56 . 2014-03-22 10:56 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-03-22 10:56 . 2014-03-22 10:56 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-03-22 10:56 . 2014-03-22 10:56 147968 ----a-w- c:\windows\system32\occache.dll
2014-03-22 10:56 . 2014-03-22 10:56 13824 ----a-w- c:\windows\system32\mshta.exe
2014-03-22 10:56 . 2014-03-22 10:56 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-03-22 02:23 . 2014-03-22 02:23 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-22 02:23 . 2014-03-22 02:23 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-03-22 02:23 . 2014-03-22 02:23 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F72C8153-7140-4FEE-8F69-CA4579D71195}]
2013-04-01 02:22 73728 ----a-w- c:\program files (x86)\Tongbu\Addin\tbIEAddin.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:18 1730264 ----a-w- c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Air Display Support"="c:\program files\Avatron\Air Display\AirDisplay.exe" [2013-12-04 4189688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-01-12 5028464]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
.
c:\users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2013-10-29 36536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GIGABYTE OC_GURU.lnk - c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [2012-8-31 17432576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 GPU-Z;GPU-Z;c:\users\NODDYC~1\AppData\Local\Temp\GPU-Z.sys;c:\users\NODDYC~1\AppData\Local\Temp\GPU-Z.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVPCIFilter;Avatron PCI Bus Device Filter;c:\windows\system32\DRIVERS\AVPCIFilter.sys;c:\windows\SYSNATIVE\DRIVERS\AVPCIFilter.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AVTHelper;AVTHelper;c:\program files\Avatron\Air Display\AVTHelper.exe;c:\program files\Avatron\Air Display\AVTHelper.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [x]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AirDisplay;Air Display Support;c:\windows\system32\DRIVERS\AVVideoCard.sys;c:\windows\SYSNATIVE\DRIVERS\AVVideoCard.sys [x]
S3 AirDisplayMirror;Air Display Mirror Support;c:\windows\system32\DRIVERS\AVVideoCardMirror.sys;c:\windows\SYSNATIVE\DRIVERS\AVVideoCardMirror.sys [x]
S3 AirDisplayWDDM;AirDisplayWDDM;c:\windows\system32\DRIVERS\AVWDDMMiniPort.sys;c:\windows\SYSNATIVE\DRIVERS\AVWDDMMiniPort.sys [x]
S3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 KovaPlusFltr;ROCCAT Kova[+] Mouse;c:\windows\system32\drivers\KovaPlusFltr.sys;c:\windows\SYSNATIVE\drivers\KovaPlusFltr.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - GPCIDRV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 17:40 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-30 18:02]
.
2014-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-21 19:05]
.
2014-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cf4a44321f8b3d.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-21 19:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-05-14 06:15 2335960 ----a-w- c:\progra~1\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-05-14 06:15 2335960 ----a-w- c:\progra~1\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-05-14 06:15 2335960 ----a-w- c:\progra~1\MIF5BA~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2011-07-12 331776]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office15\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1 192.168.2.2
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\NoddyCzech\AppData\Roaming\Mozilla\Firefox\Profiles\lhwgxwwh.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Dark Souls II_is1 - c:\program files (x86)\Dark Souls II\unins000.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - c:\program files (x86)\Malwarebytes' Anti-Malware\unins000.exe
AddRemove-Wolfenstein The New Order_is1 - c:\program files (x86)\Wolfenstein The New Order\unins000.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-06-16 07:07:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-16 05:07
ComboFix2.txt 2014-06-15 14:58
.
Před spuštěním: Volných bajtů: 565 560 864 768
Po spuštění: Volných bajtů: 565 112 692 736
.
- - End Of File - - 79D58324DD7B4386D70A5B173597D6CE

[Márty84]

Jak to zatim vypada, nastala nejaka zmena?

Dejte novy log z RSIT

[NoddyCzech]

Zatím to vypadá dobře ale někdy to naskočilo na poprvé i předtím takže nevím :/

Log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by NoddyCzech at 2014-06-16 14:34:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 541 GB (57%) free of 954 GB
Total RAM: 16346 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:34:11, on 16.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\VIA_XHCI\usb3Monitor.exe
C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\NoddyCzech.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ͬ˛˝Ň»Ľü°˛×°Ö§łÖ - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Air Display Support] "C:\Program Files\Avatron\Air Display\AirDisplay.exe"
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: AVTHelper - Avatron Software - C:\Program Files\Avatron\Air Display\AVTHelper.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Unknown owner - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (file missing)
O23 - Service: MBAMService - Unknown owner - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Splashtop Software Updater Service (SSUService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12633 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Avatron\Air Display\AVTHelper.exe"
"taskhost.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe"
-h
"C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\viakaraokesrv.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 08eff895-04d1-4890-8b7e-a27e9c6ea827 1
\??\C:\Windows\system32\conhost.exe "-1755415765151104100917722626981676460180-1055381046-839629946474948089-1202745209
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "308998991-1282279104-1349439048-7209205891413745760-8943040286696594931648331966
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\VIA_XHCI\usb3Monitor.exe"
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Avatron\Air Display\AirDisplay.exe"
"C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"SRFeature.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-056d4673-e803-41bf-863f-6bccecf81876 -SystemEventPortName:HostProcess-00f0b13d-8a1b-4ccf-ba52-44649854b97d -IoCancelEventPortName:HostProcess-281ed352-6a81-453d-9291-887b2e09be22 -NonStateChangingEventPortName:HostProcess-8b86a3c1-27fb-4c39-b14c-3355540dc974 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:a14f21b3-a65c-4f5b-9c42-93ca9f35b773 -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1112.0.1456760134\1299391378" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,15,39 --gpu-vendor-id=0x10de --gpu-device-id=0x11c6 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.3788 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1112.2.1681121907\2097020643" /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1112.4.103828279\1688191978" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1112.6.1016602833\1688432762" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="1112.7.1736303740\934829726" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1112.9.1585515594\1167671431" /prefetch:673131151
taskhost.exe $(Arg0)
C:\Windows\ehome\ehRecvr.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/Default/OmniboxBundledExperimentV1/StandardR4/OmniboxStopTimer/Standard/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --enable-software-compositing --channel="1112.11.621470745\1898266803" /prefetch:673131151
"C:\Users\NoddyCzech\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf4a44321f8b3d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\NoddyCzech\AppData\Roaming\Mozilla\Firefox\Profiles\lhwgxwwh.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tongbu.com/tongbu,version=0.1]
"Description"=npTongbuAddin
"Path"=C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-04 553384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MIF5BA~1\Office15\GROOVEEX.DLL [2014-05-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-04 211368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~4\Office15\GROOVEEX.DLL [2014-05-14 1730264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F72C8153-7140-4FEE-8F69-CA4579D71195}]
ͬ˛˝Ň»Ľü°˛×°Ö§łÖ - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll [2013-04-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10 1307928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"=C:\VIA_XHCI\usb3Monitor.exe [2011-07-12 331776]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-09-30 825184]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11 1271072]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-04-30 2199840]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-04-30 1225920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Air Display Support"=C:\Program Files\Avatron\Air Display\AirDisplay.exe [2013-12-04 4189688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-01-12 5028464]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-11-29 284440]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]
""= []
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-05-26 152392]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe

C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-06-16 07:07:52 ----D---- C:\Windows\temp
2014-06-16 07:07:51 ----A---- C:\ComboFix.txt
2014-06-16 07:03:59 ----SHD---- C:\$RECYCLE.BIN
2014-06-16 06:53:40 ----D---- C:\ComboFix
2014-06-15 16:50:30 ----A---- C:\Windows\zip.exe
2014-06-15 16:50:30 ----A---- C:\Windows\SWSC.exe
2014-06-15 16:50:30 ----A---- C:\Windows\SWREG.exe
2014-06-15 16:50:30 ----A---- C:\Windows\sed.exe
2014-06-15 16:50:30 ----A---- C:\Windows\PEV.exe
2014-06-15 16:50:30 ----A---- C:\Windows\NIRCMD.exe
2014-06-15 16:50:30 ----A---- C:\Windows\MBR.exe
2014-06-15 16:50:30 ----A---- C:\Windows\grep.exe
2014-06-15 16:50:27 ----D---- C:\Qoobox
2014-06-15 16:50:16 ----D---- C:\Windows\erdnt
2014-06-15 15:47:29 ----A---- C:\Windows\ntbtlog.txt
2014-06-15 15:37:40 ----D---- C:\ProgramData\RogueKiller
2014-06-15 13:55:45 ----D---- C:\Users\NoddyCzech\AppData\Roaming\Malwarebytes
2014-06-15 13:55:39 ----D---- C:\ProgramData\Malwarebytes
2014-06-15 09:47:59 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-06-15 09:47:21 ----D---- C:\AdwCleaner
2014-06-15 09:32:52 ----D---- C:\rsit
2014-06-15 09:32:52 ----D---- C:\Program Files\trend micro
2014-06-14 21:30:19 ----D---- C:\Program Files\Avatron
2014-06-13 21:56:34 ----D---- C:\Users\NoddyCzech\AppData\Roaming\Apple Computer
2014-06-13 21:56:31 ----DC---- C:\Windows\system32\DRVSTORE
2014-06-13 21:56:31 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2014-06-13 21:55:37 ----D---- C:\ProgramData\Apple Computer
2014-06-13 21:55:37 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-13 21:55:37 ----D---- C:\Program Files\iTunes
2014-06-13 21:55:37 ----D---- C:\Program Files\iPod
2014-06-13 21:55:37 ----D---- C:\Program Files (x86)\iTunes
2014-06-13 21:55:14 ----D---- C:\Program Files (x86)\Apple Software Update
2014-06-13 21:54:51 ----D---- C:\Program Files\Common Files\Apple
2014-06-13 21:54:44 ----D---- C:\Program Files\Bonjour
2014-06-13 21:54:44 ----D---- C:\Program Files (x86)\Bonjour
2014-06-13 21:54:37 ----D---- C:\ProgramData\Apple
2014-06-12 13:50:09 ----D---- C:\ProgramData\Sony Mobile
2014-06-11 16:22:32 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2014-06-11 07:02:59 ----A---- C:\Windows\SYSWOW64\usp10.dll
2014-06-11 07:02:59 ----A---- C:\Windows\system32\usp10.dll
2014-06-11 07:02:58 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2014-06-11 07:02:58 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2014-06-11 07:02:58 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-06-11 07:02:58 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-06-11 07:02:58 ----A---- C:\Windows\system32\msxml6r.dll
2014-06-11 07:02:58 ----A---- C:\Windows\system32\msxml6.dll
2014-06-11 07:02:58 ----A---- C:\Windows\system32\msxml3r.dll
2014-06-11 07:02:58 ----A---- C:\Windows\system32\msxml3.dll
2014-06-11 07:02:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-06-11 07:02:58 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 07:02:57 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-06-11 07:02:57 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-06-11 07:02:57 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-06-11 07:02:57 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 07:02:57 ----A---- C:\Windows\system32\rdpcorets.dll
2014-06-11 07:02:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-06-11 07:02:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-06-11 07:02:56 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-06-11 07:02:56 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-11 07:02:56 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-06-11 07:02:56 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 07:02:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-06-11 07:02:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-06-11 07:02:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-06-11 07:02:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-06-11 07:02:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-06-11 07:02:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-06-11 07:02:55 ----A---- C:\Windows\system32\urlmon.dll
2014-06-11 07:02:55 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 07:02:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-06-11 07:02:55 ----A---- C:\Windows\system32\dxtmsft.dll
2014-06-11 07:02:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-06-11 07:02:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-06-11 07:02:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-06-11 07:02:54 ----A---- C:\Windows\system32\iesetup.dll
2014-06-11 07:02:54 ----A---- C:\Windows\system32\ie4uinit.exe
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-06-11 07:02:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-06-11 07:02:53 ----A---- C:\Windows\system32\jsproxy.dll
2014-06-11 07:02:53 ----A---- C:\Windows\system32\iertutil.dll
2014-06-11 07:02:53 ----A---- C:\Windows\system32\iernonce.dll
2014-06-11 07:02:52 ----A---- C:\Windows\system32\mshtmled.dll
2014-06-11 07:02:52 ----A---- C:\Windows\system32\ieui.dll
2014-06-11 07:02:52 ----A---- C:\Windows\system32\ieframe.dll
2014-06-11 07:02:52 ----A---- C:\Windows\system32\dxtrans.dll
2014-06-11 07:02:51 ----A---- C:\Windows\system32\wininet.dll
2014-06-11 07:02:51 ----A---- C:\Windows\system32\vbscript.dll
2014-06-11 07:02:51 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-06-11 07:02:51 ----A---- C:\Windows\system32\jscript9diag.dll
2014-06-11 07:02:51 ----A---- C:\Windows\system32\jscript9.dll
2014-06-11 07:02:51 ----A---- C:\Windows\system32\ieUnatt.exe
2014-06-11 07:02:51 ----A---- C:\Windows\system32\ieapfltr.dll
2014-06-11 07:02:50 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 07:02:50 ----A---- C:\Windows\system32\msrating.dll
2014-06-11 07:02:50 ----A---- C:\Windows\system32\mshtml.dll
2014-06-11 07:01:42 ----A---- C:\Windows\system32\aepdu.dll
2014-06-11 07:01:42 ----A---- C:\Windows\system32\aeinv.dll
2014-06-10 19:08:02 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2014-06-10 19:08:02 ----A---- C:\Windows\system32\drivers\ggflt.sys
2014-06-10 19:07:24 ----D---- C:\Program Files (x86)\Sony Mobile
2014-06-09 21:56:36 ----D---- C:\ProgramData\Electronic Arts
2014-06-09 21:56:35 ----D---- C:\Program Files (x86)\Origin
2014-06-06 07:42:51 ----D---- C:\Program Files\Microsoft.NET
2014-06-05 17:33:23 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-06-05 17:28:17 ----D---- C:\Program Files\Common Files\DESIGNER
2014-06-05 17:28:06 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2014-06-05 17:27:51 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-06-05 17:27:26 ----D---- C:\Windows\PCHEALTH
2014-06-05 17:27:26 ----D---- C:\Program Files\Microsoft SQL Server
2014-06-05 17:25:51 ----D---- C:\Program Files\Microsoft Analysis Services
2014-06-05 17:25:51 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-06-05 17:25:34 ----D---- C:\Program Files (x86)\Microsoft Office
2014-06-05 17:25:28 ----D---- C:\Program Files\Microsoft Office
2014-06-05 17:24:24 ----RD---- C:\MSOCache
2014-06-04 13:17:29 ----D---- C:\Program Files (x86)\WATCH_DOGS
2014-06-03 16:25:27 ----D---- C:\Users\NoddyCzech\AppData\Roaming\Mirror's Edge
2014-06-03 16:18:38 ----D---- C:\Program Files (x86)\R.G. Mechanics
2014-06-03 07:02:53 ----D---- C:\found.000
2014-05-31 14:33:22 ----D---- C:\Games
2014-05-30 20:19:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-30 20:02:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-05-30 20:02:52 ----D---- C:\Windows\SYSWOW64\Macromed
2014-05-30 20:02:51 ----D---- C:\Windows\system32\Macromed
2014-05-29 13:49:37 ----D---- C:\Program Files (x86)\Origin Games
2014-05-29 13:49:20 ----D---- C:\Users\NoddyCzech\AppData\Roaming\Origin
2014-05-29 13:47:26 ----D---- C:\ProgramData\Origin
2014-05-27 12:12:25 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2014-05-27 12:12:25 ----A---- C:\Windows\system32\nvspcap64.dll
2014-05-27 12:12:01 ----D---- C:\Program Files (x86)\AGEIA Technologies
2014-05-27 12:11:34 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2014-05-27 12:09:43 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvopencl.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvoglv64.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvoglshim64.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvinitx.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\NvIFR64.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvhdap64.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvhdagenco6420103.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\NvFBC64.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\nvdispco6433788.dll
2014-05-27 12:09:43 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2014-05-27 12:09:43 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2014-05-27 12:09:42 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2014-05-27 12:09:42 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2014-05-27 12:09:42 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2014-05-27 12:09:42 ----A---- C:\Windows\system32\nvd3dumx.dll
2014-05-27 12:09:42 ----A---- C:\Windows\system32\nvcuvid.dll
2014-05-27 12:09:42 ----A---- C:\Windows\system32\nvcuvenc.dll
2014-05-27 12:09:42 ----A---- C:\Windows\system32\nvcuda.dll
2014-05-27 12:09:41 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2014-05-27 12:09:41 ----A---- C:\Windows\system32\nvcompiler.dll
2014-05-27 11:46:12 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2014-05-27 11:46:07 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2014-05-27 11:46:07 ----A---- C:\Windows\system32\nvaudcap64v.dll
2014-05-27 11:45:37 ----D---- C:\NVIDIA
2014-05-24 22:14:21 ----D---- C:\Program Files (x86)\Unigine
2014-05-24 22:09:14 ----D---- C:\Program Files (x86)\GPU-Z
2014-05-24 22:04:32 ----D---- C:\Program Files (x86)\MSI Afterburner
2014-05-24 18:48:07 ----D---- C:\Users\NoddyCzech\AppData\Roaming\GRID Workspace
2014-05-21 20:38:03 ----D---- C:\Users\NoddyCzech\AppData\Roaming\OnLive App
2014-05-21 20:37:59 ----D---- C:\Program Files (x86)\OnLive
2014-05-21 11:14:14 ----D---- C:\Fraps

======List of files/folders modified in the last 1 month======

2014-06-16 14:31:54 ----D---- C:\Users\NoddyCzech\AppData\Roaming\Skype
2014-06-16 14:28:40 ----D---- C:\Windows\system32\config
2014-06-16 14:27:17 ----A---- C:\Windows\SYSWOW64\log.txt
2014-06-16 14:24:53 ----D---- C:\ProgramData\NVIDIA
2014-06-16 07:07:53 ----D---- C:\Windows\system32\drivers
2014-06-16 07:07:52 ----D---- C:\Windows
2014-06-16 07:04:29 ----D---- C:\Windows\Prefetch
2014-06-16 07:03:53 ----A---- C:\Windows\system.ini
2014-06-16 07:03:51 ----D---- C:\Windows\system32\drivers\etc
2014-06-16 07:02:14 ----D---- C:\ProgramData
2014-06-16 07:00:28 ----D---- C:\Windows\SYSWOW64\drivers
2014-06-16 07:00:28 ----D---- C:\Windows\SysWOW64
2014-06-16 07:00:28 ----D---- C:\Windows\AppPatch
2014-06-16 07:00:28 ----D---- C:\Program Files (x86)\Common Files
2014-06-16 06:54:01 ----SHD---- C:\System Volume Information
2014-06-16 06:50:13 ----D---- C:\Users\NoddyCzech\AppData\Roaming\uTorrent
2014-06-15 20:12:30 ----D---- C:\Program Files (x86)\Steam
2014-06-15 15:47:31 ----D---- C:\Windows\Minidump
2014-06-15 15:36:53 ----RD---- C:\Program Files (x86)
2014-06-15 14:47:44 ----D---- C:\Windows\System32
2014-06-15 14:47:44 ----D---- C:\Windows\inf
2014-06-15 14:47:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-06-15 09:32:52 ----RD---- C:\Program Files
2014-06-15 09:14:38 ----D---- C:\Torrents
2014-06-14 21:31:40 ----SHD---- C:\Windows\Installer
2014-06-14 21:31:25 ----D---- C:\Windows\system32\DriverStore
2014-06-14 21:31:25 ----D---- C:\Windows\system32\catroot
2014-06-14 18:42:58 ----D---- C:\Program Files (x86)\Tongbu
2014-06-14 11:00:07 ----D---- C:\ProgramData\Microsoft Help
2014-06-13 21:55:15 ----D---- C:\Windows\system32\Tasks
2014-06-13 21:54:51 ----D---- C:\Program Files\Common Files
2014-06-13 08:11:11 ----D---- C:\Windows\system32\catroot2
2014-06-12 18:27:56 ----D---- C:\Windows\rescache
2014-06-12 14:50:14 ----D---- C:\Users\NoddyCzech\AppData\Roaming\.minecraft
2014-06-12 06:56:14 ----D---- C:\Windows\winsxs
2014-06-12 06:53:19 ----D---- C:\Windows\SYSWOW64\en-US
2014-06-12 06:53:19 ----D---- C:\Program Files\Internet Explorer
2014-06-12 06:53:18 ----D---- C:\Windows\system32\en-US
2014-06-12 06:53:15 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-11 22:02:32 ----D---- C:\Windows\system32\MRT
2014-06-11 22:01:25 ----A---- C:\Windows\system32\MRT.exe
2014-06-11 22:01:07 ----RSD---- C:\Windows\assembly
2014-06-11 21:57:33 ----SD---- C:\Windows\system32\CompatTel
2014-06-11 15:34:21 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-06-11 15:34:16 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2014-06-08 19:09:23 ----D---- C:\Windows\Microsoft.NET
2014-06-08 18:47:09 ----SD---- C:\Users\NoddyCzech\AppData\Roaming\Microsoft
2014-06-07 17:19:40 ----D---- C:\Users\NoddyCzech\AppData\Roaming\TS3Client
2014-06-06 07:44:00 ----A---- C:\Windows\win.ini
2014-06-06 07:42:50 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-06-06 07:42:50 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-06-06 07:42:48 ----RSD---- C:\Windows\Fonts
2014-06-05 17:33:08 ----D---- C:\Windows\ShellNew
2014-06-05 17:27:26 ----SD---- C:\ProgramData\Microsoft
2014-06-05 17:26:50 ----D---- C:\Program Files\Common Files\System
2014-06-05 16:42:23 ----D---- C:\Program Files (x86)\MSBuild
2014-06-04 13:38:12 ----D---- C:\ProgramData\Orbit
2014-05-31 17:49:37 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-30 20:02:55 ----D---- C:\Windows\Tasks
2014-05-29 19:18:38 ----D---- C:\ProgramData\PMB Files
2014-05-27 18:03:05 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-27 12:21:42 ----D---- C:\ProgramData\NVIDIA Corporation
2014-05-27 12:12:25 ----D---- C:\Program Files\NVIDIA Corporation
2014-05-27 12:12:24 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-05-27 12:09:51 ----RD---- C:\Users
2014-05-24 23:14:50 ----D---- C:\Windows\LiveKernelReports
2014-05-23 22:48:58 ----D---- C:\Program Files (x86)\Ubisoft
2014-05-21 08:19:09 ----D---- C:\ProgramData\Skype
2014-05-21 08:19:08 ----RD---- C:\Program Files (x86)\Skype
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2014-05-20 04:44:03 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\OpenCL.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44:03 ----A---- C:\Windows\system32\nvapi64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25:42 ----A---- C:\Windows\system32\nvcpl.dll
2014-05-20 03:25:39 ----A---- C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvshext.dll
2014-05-20 03:25:38 ----A---- C:\Windows\system32\nvmctray.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVPCIFilter;Avatron PCI Bus Device Filter; C:\Windows\system32\DRIVERS\AVPCIFilter.sys [2013-12-04 36344]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2011-11-29 568600]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-01-25 268512]
R0 mvs91xx;mvs91xx; C:\Windows\system32\DRIVERS\mvs91xx.sys [2011-08-09 315696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-26 283064]
R3 AirDisplay;Air Display Support; C:\Windows\system32\DRIVERS\AVVideoCard.sys [2013-12-04 15352]
R3 AirDisplayMirror;Air Display Mirror Support; C:\Windows\system32\DRIVERS\AVVideoCardMirror.sys [2013-12-04 15352]
R3 AirDisplayWDDM;AirDisplayWDDM; C:\Windows\system32\DRIVERS\AVWDDMMiniPort.sys [2013-12-04 48632]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2010-02-04 14376]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
R3 KovaPlusFltr;ROCCAT Kova[+] Mouse; C:\Windows\system32\drivers\KovaPlusFltr.sys [2010-01-25 15104]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-08-12 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-05-20 197408]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-04-30 18776]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2012-01-10 2184816]
R3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\DRIVERS\ViaHub3.sys [2012-01-20 205312]
R3 xhcdrv;VIA USB eXtensible Host Controller Service; C:\Windows\system32\DRIVERS\xhcdrv.sys [2012-01-20 254464]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-06-16 25640]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-06-10 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2014-06-10 27760]
S3 GPU-Z;GPU-Z; \??\C:\Users\NODDYC~1\AppData\Local\Temp\GPU-Z.sys []
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2014-06-16 30528]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 133928]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Sony sa0108 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-02-12 43336]
R2 AVTHelper;AVTHelper; C:\Program Files\Avatron\Air Display\AVTHelper.exe [2013-12-04 237048]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-29 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-03-11 23808]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-04-30 1617696]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-04-30 21007192]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-06-11 76888]
R2 SplashtopRemoteService;Splashtop® Remote Service; C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2014-03-24 790880]
R2 SSUService;Splashtop Software Updater Service; C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-10-09 609056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe [2012-01-10 27760]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-05-26 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-21 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe []
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-30 257712]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-03-22 49152]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-21 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-30 119408]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-03-11 347872]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-05-29 543424]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Uvidime Jeste to neni hotove.


Odinstaloval jste MBAM? Vidim tam bezet jeho sluzby i drivery.


Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[NoddyCzech]

Zase to ráno seklo
MBAM jsem odinstaloval

Logy:


OTL logfile created on: 17.6.2014 6:15:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NoddyCzech\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15,96 Gb Total Physical Memory | 13,52 Gb Available Physical Memory | 84,67% Memory free
31,92 Gb Paging File | 29,35 Gb Available in Paging File | 91,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,29 Gb Total Space | 528,04 Gb Free Space | 56,70% Space Free | Partition Type: NTFS
Drive I: | 149,05 Gb Total Space | 148,75 Gb Free Space | 99,80% Space Free | Partition Type: NTFS

Computer Name: NODDY | User Name: NoddyCzech | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.06.17 06:14:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NoddyCzech\Desktop\OTL.exe
PRC - [2014.06.11 15:34:16 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2014.06.05 15:58:39 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014.05.20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2014.04.30 20:28:45 | 002,199,840 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014.04.30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014.03.24 15:07:36 | 000,790,880 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
PRC - [2014.03.24 15:07:34 | 003,918,176 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
PRC - [2014.03.24 15:07:28 | 007,177,056 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
PRC - [2013.10.09 05:47:54 | 000,609,056 | ---- | M] (Splashtop Inc.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012.08.31 14:23:26 | 017,432,576 | ---- | M] (GIGABYTE Technology Co.,Ltd.) -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
PRC - [2012.01.27 11:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2011.11.29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.11.29 21:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.07.12 10:14:26 | 000,331,776 | R--- | M] (VIA Technologies, Inc.) -- C:\VIA_XHCI\usb3Monitor.exe


========== Modules (No Company Name) ==========

MOD - [2014.06.05 15:58:38 | 000,414,536 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppgooglenaclpluginchrome.dll
MOD - [2014.06.05 15:58:36 | 004,217,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
MOD - [2014.06.05 15:58:32 | 000,716,616 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
MOD - [2014.06.05 15:58:31 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
MOD - [2014.06.05 15:58:30 | 001,732,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
MOD - [2014.05.14 14:05:42 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\6b81a58601cb555dd9e63bc05557751b\IAStorUtil.ni.dll
MOD - [2014.05.14 13:34:59 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014.04.23 16:05:12 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014.04.23 16:04:54 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014.03.22 05:52:25 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\33f1f62a80540af6dba6af268692c041\IAStorCommon.ni.dll
MOD - [2014.03.22 05:50:17 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014.03.22 05:50:13 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014.03.22 05:50:10 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.03.22 05:50:08 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.03.22 05:49:56 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014.03.22 05:49:55 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.03.22 05:49:52 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013.07.08 14:43:52 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_cs_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013.07.08 14:43:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_cs_b77a5c561934e089\System.Runtime.Remoting.resources.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014.05.30 11:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014.04.30 20:28:23 | 021,007,192 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014.03.11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014.03.11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013.12.04 15:15:56 | 000,237,048 | ---- | M] (Avatron Software) [Auto | Running] -- C:\Program Files\Avatron\Air Display\AVTHelper.exe -- (AVTHelper)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.01.10 16:09:50 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV:64bit: - [2011.12.08 17:38:24 | 000,607,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2014.06.11 15:34:16 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2014.05.30 20:19:35 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.05.30 20:02:54 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.29 19:36:52 | 000,543,424 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014.05.20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.04.30 20:28:32 | 001,617,696 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014.03.24 15:07:36 | 000,790,880 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe -- (SplashtopRemoteService)
SRV - [2014.03.22 10:41:54 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013.10.09 05:47:54 | 000,609,056 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.02.04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.12.16 13:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 13:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 12:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011.11.29 21:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.08.30 16:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.06.10 19:08:02 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2014.06.10 19:08:02 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2014.05.20 04:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014.04.30 20:28:22 | 000,018,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014.03.31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014.03.26 14:53:27 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014.03.11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2013.12.04 15:15:22 | 000,048,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVWDDMMiniPort.sys -- (AirDisplayWDDM)
DRV:64bit: - [2013.12.04 15:15:22 | 000,036,344 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVPCIFilter.sys -- (AVPCIFilter)
DRV:64bit: - [2013.12.04 15:15:20 | 000,015,352 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVVideoCardMirror.sys -- (AirDisplayMirror)
DRV:64bit: - [2013.12.04 15:15:20 | 000,015,352 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVVideoCard.sys -- (AirDisplay)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.03.18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.17 19:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.27 11:39:33 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.01.27 11:39:33 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.01.27 11:39:33 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.01.20 06:39:16 | 000,205,312 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV:64bit: - [2012.01.20 06:39:04 | 000,254,464 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xhcdrv.sys -- (xhcdrv)
DRV:64bit: - [2012.01.10 16:09:44 | 002,184,816 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2011.11.29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.08.12 00:54:16 | 000,104,560 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011.08.09 07:42:36 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.01.25 14:24:00 | 000,015,104 | ---- | M] (ROCCAT Development, Inc.) [+] Mouse [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KovaPlusFltr.sys -- (KovaPlusFltr)
DRV:64bit: - [2009.08.21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2014.06.16 06:50:23 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2014.06.16 06:50:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2010.02.04 11:09:00 | 000,014,376 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys -- (GPCIDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-759392122-1515027182-328857685-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-759392122-1515027182-328857685-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-759392122-1515027182-328857685-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-759392122-1515027182-328857685-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.4.0: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tongbu.com/tongbu,version=0.1: C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.06.06 07:34:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

[2014.03.22 15:28:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NoddyCzech\AppData\Roaming\Mozilla\Extensions
[2014.04.15 18:22:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\NoddyCzech\AppData\Roaming\Mozilla\Firefox\Profiles\lhwgxwwh.default\extensions
[2014.04.15 18:22:20 | 000,071,968 | ---- | M] () (No name found) -- C:\Users\NoddyCzech\AppData\Roaming\Mozilla\Firefox\Profiles\lhwgxwwh.default\extensions\multifox@hultmann.xpi
[2014.05.30 20:19:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.05.30 20:19:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.04.25 13:23:58 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Disk Google = C:\Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Adblock Plus = C:\Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: plugCubed = C:\Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli\3.0.5.999_0\
CHR - Extension: Star Stable Online = C:\Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnlmdkpemkkigkgelegknllpmfclakkk\1.0.0.5_0\
CHR - Extension: Peněženka Google = C:\Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: Monstercat - By Thano9 = C:\Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\odlgcmpehdlcbaknplhekogaphhoemng\1_0\

O1 HOSTS File: ([2014.06.16 07:03:51 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ͬ˛˝Ň»Ľü°˛×°Ö§łÖ) - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (同步网络平台)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-759392122-1515027182-328857685-1000..\Run: [Air Display Support] C:\Program Files\Avatron\Air Display\AirDisplay.exe (Avatron Software, Inc)
O4 - Startup: C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-759392122-1515027182-328857685-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-759392122-1515027182-328857685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-759392122-1515027182-328857685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD4D5954-FCD6-4972-9C34-C162DCA39554}: DhcpNameServer = 192.168.1.1 192.168.2.2
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.06.17 06:14:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\NoddyCzech\Desktop\OTL.exe
[2014.06.16 07:07:52 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014.06.16 07:03:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014.06.16 06:53:40 | 000,000,000 | ---D | C] -- C:\ComboFix
[2014.06.15 16:50:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014.06.15 16:50:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014.06.15 16:50:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014.06.15 16:50:27 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014.06.15 16:50:16 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014.06.15 16:45:30 | 005,206,928 | R--- | C] (Swearware) -- C:\Users\NoddyCzech\Documents\ComboFix.exe
[2014.06.15 15:37:40 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2014.06.15 13:55:45 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Malwarebytes
[2014.06.15 13:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.06.15 09:47:59 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\Windows\SysWow64\sqlite3.dll
[2014.06.15 09:47:21 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.06.15 09:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014.06.15 09:32:52 | 000,000,000 | ---D | C] -- C:\rsit
[2014.06.14 21:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Air Display
[2014.06.14 21:30:19 | 000,000,000 | ---D | C] -- C:\Program Files\Avatron
[2014.06.13 21:56:34 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Apple Computer
[2014.06.13 21:56:34 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\Apple Computer
[2014.06.13 21:56:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014.06.13 21:56:31 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2014.06.13 21:56:31 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2014.06.13 21:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014.06.13 21:55:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014.06.13 21:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014.06.13 21:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014.06.13 21:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014.06.13 21:55:15 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\Apple
[2014.06.13 21:55:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2014.06.13 21:54:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2014.06.13 21:54:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2014.06.13 21:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2014.06.13 21:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014.06.13 21:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2014.06.13 07:19:46 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\Vlastní šablony Office
[2014.06.12 13:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Mobile
[2014.06.11 16:22:44 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\BFH.Beta
[2014.06.11 16:22:35 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\ESN
[2014.06.11 16:22:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2014.06.11 15:34:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield Hardline Beta
[2014.06.11 14:51:27 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2014.06.11 07:02:59 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2014.06.11 07:02:58 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014.06.11 07:02:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml6r.dll
[2014.06.11 07:02:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6r.dll
[2014.06.11 07:02:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014.06.11 07:02:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014.06.11 07:02:57 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014.06.11 07:02:57 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.06.11 07:02:57 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.06.11 07:02:57 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.06.11 07:02:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014.06.11 07:02:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.06.11 07:02:56 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.06.11 07:02:56 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.06.11 07:02:55 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.06.11 07:02:55 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.06.11 07:02:55 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.06.11 07:02:55 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.06.11 07:02:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.06.11 07:02:55 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.06.11 07:02:54 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.06.11 07:02:54 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.06.11 07:02:54 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.06.11 07:02:54 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.06.11 07:02:54 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.06.11 07:02:53 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.06.11 07:02:53 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.06.11 07:02:53 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.06.11 07:02:53 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.06.11 07:02:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.06.11 07:02:52 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.06.11 07:02:52 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.06.11 07:02:52 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.06.11 07:02:51 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.06.11 07:02:51 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.06.11 07:02:51 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.06.11 07:02:51 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.06.11 07:02:51 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.06.11 07:02:51 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.06.11 07:02:50 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.06.11 07:02:50 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.06.11 07:01:42 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.06.11 07:01:42 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.06.11 06:54:45 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\Sony
[2014.06.10 19:08:06 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
[2014.06.10 19:08:02 | 000,027,760 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2014.06.10 19:08:02 | 000,014,448 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2014.06.10 19:07:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Mobile
[2014.06.09 21:59:15 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\Origin
[2014.06.09 21:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2014.06.09 21:56:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014.06.09 21:56:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2014.06.08 18:46:39 | 000,000,000 | -HSD | C] -- C:\Users\NoddyCzech\AppData\Local\EmieUserList
[2014.06.08 18:46:39 | 000,000,000 | -HSD | C] -- C:\Users\NoddyCzech\AppData\Local\EmieSiteList
[2014.06.06 07:42:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2014.06.05 17:33:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2014.06.05 17:28:35 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014.06.05 17:28:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2014.06.05 17:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2014.06.05 17:27:51 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014.06.05 17:27:26 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2014.06.05 17:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2014.06.05 17:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2014.06.05 17:25:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2014.06.05 17:25:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2014.06.05 17:25:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2014.06.05 17:24:24 | 000,000,000 | R--D | C] -- C:\MSOCache
[2014.06.04 13:33:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WATCH_DOGS
[2014.06.04 13:17:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WATCH_DOGS
[2014.06.03 16:41:24 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\EA Games
[2014.06.03 16:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
[2014.06.03 16:25:27 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Mirror's Edge
[2014.06.03 16:18:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\R.G. Mechanics
[2014.06.03 16:14:44 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\Macromedia
[2014.06.03 07:02:53 | 000,000,000 | ---D | C] -- C:\found.000
[2014.05.31 14:33:34 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Forest 1.0
[2014.05.31 14:33:22 | 000,000,000 | ---D | C] -- C:\Games
[2014.05.30 20:47:13 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\MultiMC
[2014.05.30 20:19:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.05.30 20:02:54 | 000,692,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.30 20:02:54 | 000,070,832 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.30 20:02:52 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2014.05.30 20:02:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2014.05.29 13:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2014.05.29 13:49:20 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Origin
[2014.05.29 13:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014.05.27 12:12:25 | 001,225,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2014.05.27 12:12:25 | 001,081,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014.05.27 12:12:25 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\NVIDIA Corporation
[2014.05.27 12:12:25 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\NVIDIA
[2014.05.27 12:12:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014.05.27 12:11:34 | 000,601,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014.05.27 12:09:43 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.05.27 12:09:43 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.05.27 12:09:43 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.05.27 12:09:43 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.05.27 12:09:43 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.05.27 12:09:43 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014.05.27 12:09:43 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014.05.27 12:09:43 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014.05.27 12:09:43 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.05.27 12:09:43 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.05.27 12:09:43 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.05.27 12:09:43 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.05.27 12:09:43 | 000,837,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.05.27 12:09:43 | 000,492,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.05.27 12:09:43 | 000,416,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.05.27 12:09:43 | 000,382,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.05.27 12:09:43 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.05.27 12:09:43 | 000,335,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.05.27 12:09:43 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.05.27 12:09:43 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014.05.27 12:09:43 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.05.27 12:09:43 | 000,146,480 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.05.27 12:09:43 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014.05.27 12:09:42 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.05.27 12:09:42 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.05.27 12:09:42 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.05.27 12:09:42 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.05.27 12:09:42 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.05.27 12:09:42 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.05.27 12:09:42 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.05.27 12:09:41 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.05.27 12:09:41 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.05.27 11:46:12 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014.05.27 11:46:07 | 000,037,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2014.05.27 11:46:07 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014.05.27 11:45:37 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2014.05.24 22:30:53 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Heaven
[2014.05.24 22:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unigine
[2014.05.24 22:09:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GPU-Z
[2014.05.24 22:04:52 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
[2014.05.24 22:04:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI Afterburner
[2014.05.24 19:55:46 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\CrashDumps
[2014.05.24 18:48:07 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\GRID Workspace
[2014.05.23 22:49:04 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[2014.05.23 22:49:03 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\Ubisoft Game Launcher
[2014.05.23 13:20:39 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\Witcher 2
[2014.05.23 13:20:39 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Local\The Witcher 2
[2014.05.22 07:24:55 | 000,000,000 | R--D | C] -- C:\Users\NoddyCzech\Desktop\Hry
[2014.05.21 20:40:17 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\Documents\OnLive App
[2014.05.21 20:38:03 | 000,000,000 | ---D | C] -- C:\Users\NoddyCzech\AppData\Roaming\OnLive App
[2014.05.21 20:38:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OnLive
[2014.05.21 20:37:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OnLive
[2014.05.21 11:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
[2014.05.21 11:14:14 | 000,000,000 | ---D | C] -- C:\Fraps
[2014.05.21 08:19:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.06.17 06:17:44 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.06.17 06:14:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\NoddyCzech\Desktop\OTL.exe
[2014.06.17 06:11:45 | 000,000,956 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.06.17 06:11:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.17 06:11:21 | 4265,168,894 | -HS- | M] () -- C:\hiberfil.sys
[2014.06.16 15:22:09 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf4a44321f8b3d.job
[2014.06.16 14:30:18 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.16 14:30:18 | 000,021,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.16 14:29:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.06.16 07:03:51 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014.06.16 06:50:23 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2014.06.16 06:50:12 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2014.06.15 16:45:15 | 005,206,928 | R--- | M] (Swearware) -- C:\Users\NoddyCzech\Documents\ComboFix.exe
[2014.06.15 15:47:27 | 878,440,690 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014.06.15 15:37:03 | 004,686,336 | ---- | M] () -- C:\Users\NoddyCzech\Documents\RogueKiller.exe
[2014.06.15 14:47:44 | 001,582,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.06.15 14:47:44 | 000,668,138 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014.06.15 14:47:44 | 000,653,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.06.15 14:47:44 | 000,140,798 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014.06.15 14:47:44 | 000,121,398 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.06.12 14:10:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2014.06.12 14:10:58 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2014.06.11 15:34:21 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.06.11 15:34:17 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014.06.11 15:34:16 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.06.10 19:08:02 | 000,027,760 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggsemc.sys
[2014.06.10 19:08:02 | 000,014,448 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\Windows\SysNative\drivers\ggflt.sys
[2014.06.08 11:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014.06.08 11:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014.06.06 13:39:39 | 000,442,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014.05.30 20:02:54 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014.05.30 20:02:54 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014.05.30 12:02:09 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014.05.30 11:39:43 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014.05.30 11:39:23 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014.05.30 11:38:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014.05.30 11:27:57 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014.05.30 11:24:28 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014.05.30 11:21:23 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014.05.30 11:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014.05.30 11:20:36 | 000,752,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014.05.30 11:11:24 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014.05.30 11:08:22 | 005,782,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014.05.30 11:06:42 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014.05.30 10:55:36 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014.05.30 10:49:21 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014.05.30 10:46:48 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014.05.30 10:44:23 | 000,295,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014.05.30 10:43:06 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014.05.30 10:42:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014.05.30 10:35:44 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014.05.30 10:33:48 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014.05.30 10:30:43 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014.05.30 10:29:31 | 000,631,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014.05.30 10:28:33 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014.05.30 10:27:56 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014.05.30 10:24:19 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014.05.30 10:23:22 | 002,040,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014.05.30 10:10:46 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.05.30 10:06:06 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014.05.30 10:04:20 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014.05.30 09:50:09 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014.05.30 09:49:38 | 001,964,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014.05.30 09:13:47 | 000,704,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014.05.30 09:13:09 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014.05.25 08:27:46 | 001,065,984 | ---- | M] () -- C:\Users\NoddyCzech\AppData\Local\file__0.localstorage
[2014.05.24 23:24:17 | 000,140,685 | ---- | M] () -- C:\Users\NoddyCzech\Documents\Bez názvu.png
[2014.05.20 04:44:03 | 031,387,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014.05.20 04:44:03 | 025,256,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014.05.20 04:44:03 | 024,025,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014.05.20 04:44:03 | 018,531,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014.05.20 04:44:03 | 017,561,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014.05.20 04:44:03 | 017,480,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014.05.20 04:44:03 | 016,003,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014.05.20 04:44:03 | 014,434,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014.05.20 04:44:03 | 011,644,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014.05.20 04:44:03 | 011,599,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014.05.20 04:44:03 | 009,735,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014.05.20 04:44:03 | 009,697,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014.05.20 04:44:03 | 003,141,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014.05.20 04:44:03 | 003,109,248 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014.05.20 04:44:03 | 002,953,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014.05.20 04:44:03 | 002,785,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2014.05.20 04:44:03 | 002,730,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014.05.20 04:44:03 | 002,412,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2014.05.20 04:44:03 | 001,889,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6433788.dll
[2014.05.20 04:44:03 | 001,541,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6433788.dll
[2014.05.20 04:44:03 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco6420103.dll
[2014.05.20 04:44:03 | 000,952,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2014.05.20 04:44:03 | 000,895,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014.05.20 04:44:03 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014.05.20 04:44:03 | 000,867,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014.05.20 04:44:03 | 000,861,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014.05.20 04:44:03 | 000,837,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2014.05.20 04:44:03 | 000,492,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2014.05.20 04:44:03 | 000,416,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2014.05.20 04:44:03 | 000,382,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014.05.20 04:44:03 | 000,354,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2014.05.20 04:44:03 | 000,335,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014.05.20 04:44:03 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2014.05.20 04:44:03 | 000,197,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2014.05.20 04:44:03 | 000,166,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2014.05.20 04:44:03 | 000,146,480 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2014.05.20 04:44:03 | 000,061,216 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014.05.20 04:44:03 | 000,052,056 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014.05.20 04:44:03 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2014.05.20 04:44:03 | 000,026,069 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014.05.20 03:25:42 | 006,769,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014.05.20 03:25:42 | 003,514,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014.05.20 03:25:38 | 002,560,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014.05.20 03:25:38 | 000,387,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014.05.20 03:25:38 | 000,062,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014.05.20 01:10:44 | 000,601,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.06.17 06:17:44 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.06.15 16:50:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014.06.15 16:50:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014.06.15 16:50:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014.06.15 16:50:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014.06.15 16:50:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014.06.15 15:36:59 | 004,686,336 | ---- | C] () -- C:\Users\NoddyCzech\Documents\RogueKiller.exe
[2014.06.13 21:55:15 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2014.06.12 14:10:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2014.06.12 14:10:58 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ggflt_01009.Wdf
[2014.05.30 20:02:55 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.05.24 22:59:23 | 000,140,685 | ---- | C] () -- C:\Users\NoddyCzech\Documents\Bez názvu.png
[2014.05.24 22:30:19 | 001,065,984 | ---- | C] () -- C:\Users\NoddyCzech\AppData\Local\file__0.localstorage
[2014.04.27 11:07:57 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2014.04.07 16:33:19 | 000,000,017 | ---- | C] () -- C:\Users\NoddyCzech\AppData\Local\resmon.resmoncfg
[2014.03.27 07:56:40 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014.03.27 07:56:32 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014.03.22 05:11:47 | 001,557,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.03.21 20:51:14 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2014.03.21 20:31:44 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.06.12 14:50:14 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\.minecraft
[2014.05.12 16:42:19 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\.minecraft – kopie
[2014.03.26 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\DAEMON Tools Lite
[2014.05.03 09:37:08 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\DarkSoulsII
[2014.04.12 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Day 1 Studios
[2014.03.21 22:05:21 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\ESET
[2014.05.24 18:48:07 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\GRID Workspace
[2014.04.03 12:43:35 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\LolClient
[2014.06.03 16:25:27 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Mirror's Edge
[2014.05.21 20:38:03 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\OnLive App
[2014.05.04 18:12:27 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Oracle
[2014.06.09 21:59:16 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Origin
[2014.04.29 06:37:09 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Rainmeter
[2014.05.01 07:36:00 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Remote Control Server
[2014.04.02 19:06:59 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Riot Games
[2014.06.07 17:19:40 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\TS3Client
[2014.03.25 19:54:44 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Unkn0wns Skin Installation Tool
[2014.06.16 06:50:13 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Custom Scans ==========

[NoddyCzech]

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,622 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.03.21 21:05:04 | 000,000,956 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014.03.28 07:11:37 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf4a44321f8b3d.job
[2014.05.30 20:02:55 | 000,000,914 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\erdnt\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\erdnt\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\erdnt\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.05.10 06:49:59 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.05.13 06:45:55 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\erdnt\cache64\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\SysNative\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\erdnt\cache86\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013.05.10 07:49:28 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.05.11 07:18:23 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.05.11 06:59:05 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.05.10 07:18:53 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.05.13 07:51:01 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.05.10 07:06:21 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\erdnt\cache86\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\W7SOC\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTOR.SYS >
[2011.11.29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.11.29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2011.11.17 08:20:34 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0A10B74FBB437FF9A23F1D5DE4446A83 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\erdnt\cache64\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\SysNative\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2012.06.04 09:51:10 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=79C908CAA6F43021EB05F4C733A927D1 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22010_none_04f609a88c8c279c\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17856_none_044756c773895c5e\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2012.08.22 20:06:07 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\erdnt\cache64\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\SysNative\drivers\ndis.sys
[2012.08.22 20:12:40 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\erdnt\cache64\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\erdnt\cache86\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVRAID.SYS >
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\drivers\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2011.03.11 08:41:34 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2011.03.11 08:19:21 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache86\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\erdnt\cache64\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\SysNative\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache86\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\erdnt\cache64\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\erdnt\cache64\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache86\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\erdnt\cache64\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\erdnt\cache64\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\erdnt\cache64\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\erdnt\cache86\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.06.12 14:50:14 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\.minecraft
[2014.05.12 16:42:19 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\.minecraft – kopie
[2014.03.21 21:22:36 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Adobe
[2014.06.14 01:02:38 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Apple Computer
[2014.03.26 14:54:13 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\DAEMON Tools Lite
[2014.05.03 09:37:08 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\DarkSoulsII
[2014.04.12 15:14:40 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Day 1 Studios
[2014.03.21 22:05:21 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\ESET
[2014.05.24 18:48:07 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\GRID Workspace
[2014.04.10 18:34:49 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\HpUpdate
[2014.03.21 19:24:03 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Identities
[2014.03.21 20:32:31 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\InstallShield
[2014.03.21 20:59:24 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Intel Corporation
[2014.04.03 12:43:35 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\LolClient
[2014.03.22 08:17:12 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Macromedia
[2014.06.15 13:55:45 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Malwarebytes
[2011.04.12 10:45:23 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Media Center Programs
[2014.06.08 18:47:09 | 000,000,000 | --SD | M] -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft
[2014.06.03 16:25:27 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Mirror's Edge
[2014.03.22 15:28:58 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Mozilla
[2014.04.10 16:12:59 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\NVIDIA
[2014.05.21 20:38:03 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\OnLive App
[2014.05.04 18:12:27 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Oracle
[2014.06.09 21:59:16 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Origin
[2014.04.29 06:37:09 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Rainmeter
[2014.05.01 07:36:00 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Remote Control Server
[2014.04.02 19:06:59 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Riot Games
[2014.06.17 06:15:12 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Skype
[2014.06.07 17:19:40 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\TS3Client
[2014.03.25 19:54:44 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\Unkn0wns Skin Installation Tool
[2014.06.16 06:50:13 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\uTorrent
[2014.04.02 14:11:56 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\vlc
[2014.03.21 22:00:15 | 000,000,000 | ---D | M] -- C:\Users\NoddyCzech\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014.04.24 07:08:58 | 000,786,492 | ---- | M] () -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2014.04.24 07:09:00 | 015,823,872 | ---- | M] () -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2014.04.24 07:08:58 | 000,107,008 | ---- | M] () -- C:\Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2014.06.03 16:17:28 | 001,223,525 | ---- | M] () -- C:\Users\NoddyCzech\AppData\Roaming\Mirror's Edge\Uninstall\unins000.exe
[2014.04.27 11:24:58 | 000,004,608 | -H-- | M] () -- C:\Users\NoddyCzech\AppData\Roaming\Rainmeter\Rainmeter.exe
[2014.04.29 06:37:09 | 000,681,971 | ---- | M] () -- C:\Users\NoddyCzech\AppData\Roaming\Rainmeter\Addons\RainRGB\RainRGB.exe
[2014.06.12 06:58:55 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\NoddyCzech\AppData\Roaming\uTorrent\uTorrent.exe
[2014.05.01 18:09:12 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\NoddyCzech\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.05.22 08:27:28 | 001,272,400 | ---- | M] (BitTorrent Inc.) -- C:\Users\NoddyCzech\AppData\Roaming\uTorrent\updates\3.4.1_31139.exe
[2014.06.12 06:58:55 | 001,267,536 | ---- | M] (BitTorrent Inc.) -- C:\Users\NoddyCzech\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.06.17 06:14:08 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Air Display Support" = "C:\Program Files\Avatron\Air Display\AirDisplay.exe" -- [2013.12.04 15:24:04 | 004,189,688 | ---- | M] (Avatron Software, Inc)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.06.17 06:17:44 | 000,000,512 | ---- | M] () MD5=4B27BF545D1BB03E4573BD84F4510770 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.05.05 15:41:16 | 040,868,256 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\zone\Common\mp_cracked.ff
[2010.11.09 02:43:51 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\zone\English\en_mp_cracked.ff
[2014.05.03 18:05:43 | 000,019,296 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops\zone\Polish\po_mp_cracked.ff
[2014.04.28 17:43:14 | 000,015,770 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota\addons\nian\resource\flash3\images\items\firecrackers.png
[2014.05.23 12:07:22 | 000,053,071 | ---- | M] () -- \Torrents\Watch Dogs Deluxe Edition FULL CRACKED-SG.torrent
[2014.04.24 07:32:08 | 000,001,373 | ---- | M] () -- \Users\NoddyCzech\AppData\Roaming\Microsoft\Windows\Recent\Setup+crack.lnk
[2013.01.11 21:27:00 | 000,037,020 | ---- | M] () -- \Users\NoddyCzech\Documents\MultiMC\instances\NoddyModpack\minecraft\resourcepacks\texture 1.6 wip\assets\minecraft\textures\blocks\stonebrick_cracked.png
[2013.03.13 12:52:26 | 000,030,220 | ---- | M] () -- \Users\NoddyCzech\Documents\MultiMC\instances\NoddyModpack\minecraft\resourcepacks\texture 1.6 wip\assets\minecraft\textures\blocks\stonebrick_cracked_n.png
[2013.10.27 09:58:24 | 000,007,380 | ---- | M] () -- \Users\NoddyCzech\Documents\MultiMC\instances\NoddyModpack\minecraft\resourcepacks\texture 1.6 wip\assets\minecraft\textures\blocks\stonebrick_cracked_s.png
[2014.05.23 12:07:22 | 000,053,071 | ---- | M] () -- \Users\NoddyCzech\Downloads\Watch Dogs Deluxe Edition FULL CRACKED-SG.torrent
[2011.01.14 18:31:04 | 000,000,156 | ---- | M] () -- \Users\Public\StarStableOnline\Data\Cracked_wall.pmt
[2013.04.02 16:52:50 | 000,005,753 | ---- | M] () -- \Users\Public\StarStableOnline\Data\Cracked_wall.pte
[2011.01.14 18:31:04 | 000,000,162 | ---- | M] () -- \Users\Public\StarStableOnline\Data\Cracked_wall_2.pmt
[2013.04.02 16:52:50 | 000,005,757 | ---- | M] () -- \Users\Public\StarStableOnline\Data\Cracked_wall_2.pte
[2013.01.15 20:00:20 | 000,000,186 | ---- | M] () -- \Users\Public\StarStableOnline\Data\CrackEffectTexture1.pmt
[2013.01.15 20:37:42 | 000,022,180 | ---- | M] () -- \Users\Public\StarStableOnline\Data\CrackEffectTexture1.pte
[2013.01.15 19:59:18 | 000,000,168 | ---- | M] () -- \Users\Public\StarStableOnline\Data\CrackTexture1.pmt
[2013.01.15 19:59:18 | 000,087,664 | ---- | M] () -- \Users\Public\StarStableOnline\Data\CrackTexture1.pte
[2013.01.15 20:15:16 | 000,000,168 | ---- | M] () -- \Users\Public\StarStableOnline\Data\CrackTexture2.pmt
[2013.08.22 11:44:14 | 000,087,644 | ---- | M] () -- \Users\Public\StarStableOnline\Data\CrackTexture2.pte
[2013.08.20 12:31:14 | 000,000,165 | ---- | M] () -- \Users\Public\StarStableOnline\Data\DialogIcon_PandorianCrack.pmt
[2013.08.20 12:31:14 | 000,065,797 | ---- | M] () -- \Users\Public\StarStableOnline\Data\DialogIcon_PandorianCrack.pte
[2011.12.26 19:12:42 | 000,152,882 | ---- | M] () -- \Users\Public\StarStableOnline\Data\Fireworks_Crackers.pso
[2013.07.12 14:53:42 | 000,006,303 | ---- | M] () -- \Users\Public\StarStableOnline\Data\FO_Cracks.pxo
[2013.01.15 19:59:18 | 000,054,639 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack1.pme
[2013.01.15 20:37:42 | 000,001,005 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack1_Effect.pme
[2013.01.15 20:05:58 | 000,030,143 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack1_Effect2.pme
[2013.01.15 20:37:46 | 000,002,145 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack1_Effect3.pme
[2013.08.22 11:44:14 | 000,075,055 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack2.pme
[2013.07.12 14:28:20 | 000,004,133 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack2_Lod.pme
[2014.03.24 15:13:00 | 000,075,051 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrackS.pme
[2014.03.24 15:13:48 | 000,031,211 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrackS_Effect.pme
[2013.01.15 20:23:48 | 000,004,955 | ---- | M] () -- \Users\Public\StarStableOnline\Data\MysticValleyCrack_Col.pco

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.03.16 00:08:56 | 000,106,428 | ---- | M] () -- \Flashtool\devices\C150X\loader.sin
[2014.03.16 00:08:56 | 000,106,428 | ---- | M] () -- \Flashtool\devices\C160X\loader.sin
[2014.03.16 00:08:56 | 000,169,016 | ---- | M] () -- \Flashtool\devices\C190X\loader.sin
[2014.03.16 00:08:56 | 000,169,016 | ---- | M] () -- \Flashtool\devices\C200X\loader.sin
[2014.03.16 00:08:56 | 000,169,016 | ---- | M] () -- \Flashtool\devices\C210X\loader.sin
[2014.03.16 00:08:56 | 000,094,772 | ---- | M] () -- \Flashtool\devices\C530X\loader.sin
[2014.03.16 00:08:56 | 000,173,056 | ---- | M] () -- \Flashtool\devices\C550X\loader.sin
[2014.03.16 00:08:56 | 000,160,712 | ---- | M] () -- \Flashtool\devices\C650X\loader.sin
[2014.03.16 00:08:56 | 000,160,712 | ---- | M] () -- \Flashtool\devices\C660X\loader.sin
[2014.03.16 00:08:56 | 000,173,556 | ---- | M] () -- \Flashtool\devices\C68XX\loader.sin
[2014.03.16 00:08:56 | 000,173,556 | ---- | M] () -- \Flashtool\devices\C69XX\loader.sin
[2014.03.16 00:08:56 | 000,226,540 | ---- | M] () -- \Flashtool\devices\D200X\loader.sin
[2014.03.16 00:08:56 | 000,226,540 | ---- | M] () -- \Flashtool\devices\D210X\loader.sin
[2014.03.16 00:08:56 | 000,173,556 | ---- | M] () -- \Flashtool\devices\D550X\loader.sin
[2014.03.16 00:08:56 | 000,218,348 | ---- | M] () -- \Flashtool\devices\D65XX\loader.sin
[2014.03.16 00:08:56 | 000,098,883 | ---- | M] () -- \Flashtool\devices\E10\loader.sin
[2014.03.16 00:08:56 | 000,103,949 | ---- | M] () -- \Flashtool\devices\E10\loader_unlocked.sin
[2014.03.16 00:08:56 | 000,098,883 | ---- | M] () -- \Flashtool\devices\E15\loader.sin
[2014.03.16 00:08:56 | 000,103,949 | ---- | M] () -- \Flashtool\devices\E15\loader_unlocked.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\LT15\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\LT18\loader.sin
[2014.03.16 00:08:56 | 000,100,712 | ---- | M] () -- \Flashtool\devices\LT22\loader.sin
[2014.03.16 00:08:56 | 000,094,468 | ---- | M] () -- \Flashtool\devices\LT25\loader.sin
[2014.03.16 00:08:56 | 000,136,600 | ---- | M] () -- \Flashtool\devices\LT26\loader.sin
[2014.03.16 00:08:56 | 000,136,592 | ---- | M] () -- \Flashtool\devices\LT26W\loader.sin
[2014.03.16 00:08:56 | 000,136,600 | ---- | M] () -- \Flashtool\devices\LT28\loader.sin
[2014.03.16 00:08:56 | 000,077,700 | ---- | M] () -- \Flashtool\devices\LT29\loader.sin
[2014.03.16 00:08:56 | 000,077,700 | ---- | M] () -- \Flashtool\devices\LT30\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\MK16\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\MT11\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\MT15\loader.sin
[2014.03.16 00:08:56 | 000,100,712 | ---- | M] () -- \Flashtool\devices\MT25\loader.sin
[2014.03.16 00:08:56 | 000,100,712 | ---- | M] () -- \Flashtool\devices\MT27\loader.sin
[2014.03.16 00:08:56 | 000,077,700 | ---- | M] () -- \Flashtool\devices\MT28\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\R800\loader.sin
[2014.03.16 00:08:56 | 000,100,525 | ---- | M] () -- \Flashtool\devices\R800\loader_unlocked.sin
[2014.03.16 00:08:56 | 000,160,712 | ---- | M] () -- \Flashtool\devices\SGP3XX\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\SK17\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\ST15\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\ST17\loader.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\ST18\loader.sin
[2014.03.16 00:08:56 | 000,106,428 | ---- | M] () -- \Flashtool\devices\ST21\loader.sin
[2014.03.16 00:08:56 | 000,106,428 | ---- | M] () -- \Flashtool\devices\ST23\loader.sin
[2014.03.16 00:08:56 | 000,100,712 | ---- | M] () -- \Flashtool\devices\ST25\loader.sin
[2014.03.16 00:08:56 | 000,106,428 | ---- | M] () -- \Flashtool\devices\ST26\loader.sin
[2014.03.16 00:08:56 | 000,100,712 | ---- | M] () -- \Flashtool\devices\ST27\loader.sin
[2014.03.16 00:08:56 | 000,098,883 | ---- | M] () -- \Flashtool\devices\U20\loader.sin
[2014.03.16 00:08:56 | 000,103,949 | ---- | M] () -- \Flashtool\devices\U20\loader_unlocked.sin
[2014.03.16 00:08:56 | 000,100,591 | ---- | M] () -- \Flashtool\devices\WT19\loader.sin
[2014.03.16 00:08:56 | 000,087,559 | ---- | M] () -- \Flashtool\devices\X10\loader.sin
[2014.03.16 00:08:56 | 000,087,569 | ---- | M] () -- \Flashtool\devices\X10\loader_unlocked.sin
[2014.04.30 20:27:31 | 001,168,216 | ---- | M] () -- \NVIDIA\DisplayDriver\337.88\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2014.04.23 16:05:04 | 000,007,281 | ---- | M] () -- \Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit.resources\inspector\HeapSnapshotLoader.js
[2014.01.23 16:05:00 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 01:43:22 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.10.06 05:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Officejet 6500 E710a-f\bin\HelpViewer\Resources\Loader.gif
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\facebook\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\facebooklike\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\fbsharedservices\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\featured\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\games\7.1.361\js\shared\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\apps\chat\7.1.361\js\downloader.js
[2012.01.31 16:16:24 | 000,006,643 | ---- | M] () -- \Program Files (x86)\Microsoft\BingBar\7.1.361.0\scripts\io\downloader.js
[2014.04.30 20:27:31 | 001,168,216 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 01:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 01:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.12.20 01:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.12.20 01:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2008.10.10 14:39:54 | 000,068,688 | ---- | M] () -- \Program Files (x86)\R.G. Mechanics\Mirror's Edge\Binaries\PhysXLocal\PhysXLoader.dll
[2014.05.28 12:48:58 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Engine\licenses\loaderbinarylegal.txt
[2014.05.28 12:52:44 | 000,001,702 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Service\licenses\loaderbinarylegal.txt
[2013.10.23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2014.05.12 08:50:21 | 000,065,344 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\PhysXLoader.dll
[2014.05.06 07:16:35 | 000,064,352 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\game\PHYSXLOADER.DLL
[2014.05.27 13:10:54 | 000,063,256 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Red Orchestra 2\Binaries\Win32\PhysXLocal\PhysXLoader.dll
[2014.05.12 11:27:42 | 000,022,574 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\the witcher 2\CookedPC\globals\gui\loadingscreens\loader.swf
[2014.05.26 17:06:59 | 000,074,240 | ---- | M] () -- \Program Files (x86)\WATCH_DOGS\bin\uplay_r1_loader64.dll
[2014.01.23 16:05:00 | 000,364,184 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 01:43:22 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2009.09.30 17:57:30 | 000,593,248 | ---- | M] () -- \Program Files\Microsoft Xbox 360 Accessories\Downloader.exe
[2013.12.01 15:09:05 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014.04.02 19:44:01 | 000,000,404 | ---- | M] () -- \Rito Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.91\deploy\assets\storeImages\layout\small_loader.gif
[2014.06.03 16:26:54 | 000,003,208 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\skin\ajax-loader.gif
[2014.05.06 00:26:56 | 000,000,781 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli\3.0.5.999_0\loader.js
[2014.06.15 18:33:28 | 000,001,980 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KID34NB0\AdLoader[1].htm
[2014.06.15 18:33:28 | 000,017,912 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UVA5FN4D\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014.06.15 20:10:25 | 000,001,980 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WAMPE1FB\AdLoader[1].htm
[2014.02.18 18:46:42 | 000,072,638 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Skype\Apps\login\images\loader.gif
[2014.02.18 18:46:42 | 000,003,032 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Skype\Apps\login\images\loader.png
[2014.02.18 18:46:42 | 000,006,012 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014.02.18 18:46:42 | 000,021,956 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014.02.18 18:46:42 | 000,009,772 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014.05.01 18:20:44 | 000,856,892 | ---- | M] () -- \Users\NoddyCzech\Downloads\Sygic 14.0 full\Map and Voices Downloader\sgcmapdownloader.cry
[2014.05.01 18:20:44 | 000,045,056 | ---- | M] () -- \Users\NoddyCzech\Downloads\Sygic 14.0 full\Map and Voices Downloader\sgcmapdownloader14.exe
[2014.06.05 17:29:38 | 000,019,968 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\7b634512d96acf4fc078de3940790d0b\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014.06.05 17:29:38 | 000,000,796 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\7b634512d96acf4fc078de3940790d0b\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2012.10.01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 20:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.05.09 01:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4569\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.05.09 01:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4569\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014.06.05 17:28:14 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:24:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:25:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:24:27 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:25:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2014.03.22 04:03:28 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2014.03.22 04:03:28 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2014.03.22 04:03:28 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2014.03.22 04:03:28 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2014.03.22 04:03:28 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:24:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:25:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:24:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.22 04:25:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >
[2014.05.12 08:49:56 | 000,003,128 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Engine\EditorResources\FaceFX\res\icons\FxGenericTargetNode.bmp

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.02.13 22:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.04.24 16:16:25 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.05.28 12:48:24 | 000,042,306 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Engine\plugins\com.serialio_2.14.8.201405281228.jar
[2014.05.28 12:48:36 | 000,008,948 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Engine\plugins\com.sonymobile.cs.serialcommunication_2.14.8.201405281228.jar
[2014.05.28 12:51:40 | 000,042,306 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Service\plugins\com.serialio_2.14.8.201405281228.jar
[2014.05.28 12:51:54 | 000,008,948 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Service\plugins\com.sonymobile.cs.serialcommunication_2.14.8.201405281228.jar
[2014.05.28 12:51:22 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Sony Mobile\Update Service\plugins\com.serialio.win32.x86_3.1.0.2\lib\serialio.dll
[2014.04.30 11:36:38 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\GarrysMod\bin\dmserializers.dll
[2014.05.28 17:08:09 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\bin\dmserializers.dll
[2014.05.12 09:54:08 | 000,015,028 | ---- | M] () -- \Program Files (x86)\Steam\SteamApps\common\the witcher 2\Launcher\Neutral\serial_window.png
[2014.04.15 13:11:02 | 000,167,616 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2014.04.15 13:11:02 | 000,210,112 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2014.02.13 23:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.04.24 16:16:43 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.06.04 15:45:14 | 000,041,984 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage
[2014.06.04 15:45:14 | 000,003,608 | ---- | M] () -- \Users\NoddyCzech\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.sledujuserialy.cz_0.localstorage-journal
[2011.08.08 16:34:04 | 000,000,153 | ---- | M] () -- \Users\Public\StarStableOnline\Data\SerialNr.pmt
[2011.08.08 16:33:42 | 000,001,690 | ---- | M] () -- \Users\Public\StarStableOnline\Data\SerialNr.pte
[2011.08.08 16:33:42 | 000,001,579 | ---- | M] () -- \Users\Public\StarStableOnline\Data\SerialNRPlate.pme
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.03.22 05:50:17 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\553e7bfc9cac5e4feaa83d8ee1e187bd\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.22 05:50:47 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
[2014.03.22 05:47:56 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\8653acb87b4a219a84e4ce58df35e62a\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.22 05:49:28 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\b73fbf8a2db2192752ad2b13744a393b\System.Runtime.Serialization.ni.dll
[2014.03.23 12:00:18 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.23 12:00:18 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.03.23 12:00:18 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.03.23 12:00:18 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.03.23 12:00:54 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.03.23 12:00:54 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.03.23 12:04:12 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.03.23 12:04:12 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.03.23 12:04:11 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014.03.23 12:04:11 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014.03.23 13:04:10 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.03.23 13:04:10 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2012.10.01 20:36:32 | 000,166,864 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\AS_Client_BackEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2012.10.01 20:36:32 | 000,209,360 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\AS_Client_Common_FrontEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 21:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 21:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2011.04.12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2011.04.12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2011.04.12 10:34:10 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2011.04.12 10:34:12 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2011.04.12 10:34:13 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012.10.05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012.10.05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2012.10.05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014.03.22 04:03:28 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2014.03.22 04:03:28 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2011.04.12 10:34:36 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2011.04.12 10:34:35 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011.02.05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011.02.05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012.10.05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2012.10.05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012.10.05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2012.10.05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012.10.05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2012.10.05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2011.04.12 10:33:41 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012.10.05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2012.10.05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012.10.05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2012.10.05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012.10.05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2012.10.05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2011.04.12 10:34:11 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2011.04.12 10:34:07 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2011.04.12 10:34:17 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012.10.05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2012.10.05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

< End of report >

[NoddyCzech]

Log Extras:

OTL Extras logfile created on: 17.6.2014 6:15:53 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\NoddyCzech\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

15,96 Gb Total Physical Memory | 13,52 Gb Available Physical Memory | 84,67% Memory free
31,92 Gb Paging File | 29,35 Gb Available in Paging File | 91,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,29 Gb Total Space | 528,04 Gb Free Space | 56,70% Space Free | Partition Type: NTFS
Drive I: | 149,05 Gb Total Space | 148,75 Gb Free Space | 99,80% Space Free | Partition Type: NTFS

Computer Name: NODDY | User Name: NoddyCzech | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-759392122-1515027182-328857685-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A04564-C3DA-4B9D-952C-A8ECBCB7F7A0}" = lport=137 | protocol=17 | dir=in | app=system |
"{0ECF44FB-F439-4C8A-B4A7-55E50F9E8519}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{127AB31F-4B17-404A-A449-418765AB851E}" = lport=6002 | protocol=17 | dir=in | name=air display udp2 |
"{1CA7FA48-BE2E-4C26-B792-50E35BBFE4E6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1FE8719D-590E-458D-969E-220972BBB6C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{206C72FC-06BB-4ABD-847E-07417FEC5907}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{2EB1D83A-5C00-4AAB-AB81-E2703257FC40}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{466651CA-71EA-460E-A4E8-51BDB35F65B5}" = lport=6001 | protocol=6 | dir=in | name=air display tcp |
"{53B49E31-06F3-44C8-8C3B-6128E54E6CEE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{58133D1D-E284-4F0A-9992-9FE9FC22992E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6BE237C2-FF20-459F-ADAC-87615FB9D894}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6D52EAEB-8F4D-419D-B268-10A63E28A334}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{74D80250-372C-4826-B6B4-018C3E134F66}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8722195B-F90B-45B7-99E7-0E3137F82017}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{877CCC67-B228-4C5B-8990-8773662AF872}" = lport=6000 | protocol=17 | dir=in | name=air display udp1 |
"{8BB3F031-05FE-4AC5-BBBA-59F2324433A2}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8E347E5E-84FC-422C-9A2E-E1B8912523C7}" = rport=137 | protocol=17 | dir=out | app=system |
"{945E5E3D-E0F3-436C-8346-9E0830AC28FF}" = rport=138 | protocol=17 | dir=out | app=system |
"{96E6B07D-488D-4F7C-B199-2FAFCDCA5035}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{9BF9602A-833C-4879-9983-1663FC1ADDDD}" = lport=139 | protocol=6 | dir=in | app=system |
"{A93136C2-A93D-4162-930E-E0A8CF630884}" = rport=139 | protocol=6 | dir=out | app=system |
"{AA740A12-E060-4363-B1CE-231826E403D3}" = lport=138 | protocol=17 | dir=in | app=system |
"{B15C60E5-108A-4F6F-B40A-74FE988669D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B522BB6D-8CB8-42D0-AED2-1F3AE8304585}" = lport=445 | protocol=6 | dir=in | app=system |
"{BE0DA7AA-67C8-45D2-A862-8EDC0B10242B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C601FBBC-87E1-45EC-9C5B-866859B0CD0E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CED56D54-DE52-4887-A19B-A3CBA8F3B31C}" = rport=445 | protocol=6 | dir=out | app=system |
"{D7CADD29-F1C1-47F6-A76D-23CE01AC4D8F}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{EBFF17C6-F688-4CAE-8B17-A739010DA3BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{F142D925-EA05-4203-ADF0-A8AC36582453}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FFC1E7C0-6AAC-4DE1-9390-808E6C8A32F3}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0090B3A8-EEBF-4FA7-A204-641998975C76}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{045A3B42-24E9-4877-90F9-B884182CD640}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{07884DA3-B101-46F4-A46A-5776E822A39E}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{08E2897B-41CD-4776-9012-A16A4223201C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0B4F1379-D596-4FC3-A05E-9727C6023C96}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{0BA09A81-1973-4827-8EB0-22A43E767825}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6mp64_ship.exe |
"{0BEAEA10-C0F7-476A-9AE1-D48F0607C51A}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srfeature.exe |
"{0DC41189-6A6E-42E1-AD0A-B3A3E3C4B206}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{0E38CEEF-2CDC-43C8-87FE-B39FBF8C6C90}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{1147C9A1-7281-4F00-BFC5-1D25CCABF73F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{13914253-9F40-4D48-A458-1A1A22A97CAA}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{143D427E-04BB-4E36-8B40-09081B0A8D4C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{191A55AC-5C3C-4CA2-AC22-7663C791952E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1AB22F7D-203D-4CA8-A8A1-E21DEA575EED}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe |
"{1AC7C147-9AEE-4964-BBBE-5FE32FC06E0B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1D830622-8253-42AE-9AAE-B605DB0CF914}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\launcher.exe |
"{21332B0C-140B-4B21-9BA7-26C4879D0000}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{27702852-5A38-498C-A9F3-4F43B8BA2BA1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{2C84E22D-C494-4D7A-9473-29AB2BFC3E32}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
"{2D5F8A3E-CEEC-4FCD-8615-3FFBB8F6F697}" = protocol=17 | dir=in | app=c:\users\noddyczech\appdata\local\temp\kmsnano\qemu-system-i386.exe |
"{2F28535D-15DF-4940-9842-79D41CF327A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{3015C89A-5AEE-4835-B980-E8D950715B80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{338BB1E9-34CA-48AE-A903-47000E699075}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{33CC1605-9B0C-4720-985D-E5A4F960582C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{34267E5A-1330-4A57-B010-79E037E01500}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{343E9378-8374-4506-89BE-4FDB557679D2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{350EC092-EB5F-46E5-8CBA-0AEFCC2A5571}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2816\agent.exe |
"{374A0A49-E516-4483-B954-246ED9A627AB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orion dino beatdown\binaries\win32\dinohordegame.exe |
"{3AC7FB59-0C4A-46CA-A340-13A4D9474F66}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{3BA53CFA-CB10-4678-8827-1B6CFE3D3309}" = protocol=17 | dir=in | app=c:\program files (x86)\sony mobile\update engine\sony mobile update engine.exe |
"{3C921E09-18D1-4F0B-8332-622EB0875FB5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3D10409B-E273-4D60-AF63-55ED2D3013B3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3D499958-BFD7-47DA-B868-B34219193178}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tom clancy's ghost recon phantoms - eu\launcher.exe |
"{3E3864F6-88C4-4351-8E77-9E0EF16981E4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{3F14081C-7631-4126-BD27-0840219CBFDA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{40EF5F9D-6F8F-4AE0-B1E9-408EC97F5F12}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{4A688818-09A5-46DD-BFD8-9F30FCCBBD0F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{4B401955-E7C7-432A-97D3-9125D719E29E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4BA1184C-BF74-4743-952E-5489A41418AA}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4E96B0DC-EE36-4237-AEA7-F3C5A773C3F0}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2787\agent.exe |
"{4F829159-5364-4545-86A8-75DEEE14DE63}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{509F7ABC-F864-495D-9FD6-4F36A8CC7DE4}" = protocol=17 | dir=in | app=c:\program files (x86)\sony mobile\update service\update service.exe |
"{50B2E053-4934-4C8D-B831-106D822B3448}" = protocol=6 | dir=in | app=c:\users\noddyczech\downloads\utorrent.exe |
"{51130598-7D98-4223-868F-0F93A2C47AB1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{523DBC6F-4D2F-446A-A9E7-06D43ACCC0BB}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{535098C8-C329-40A4-B83C-DD933AD2740E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pid\pid.exe |
"{54BEE9E1-A582-454E-8C1C-2A63BC4702D4}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\bfh beta\bfh.exe |
"{5505157C-3A2C-45BA-B8FC-735F28F66233}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6mp64_ship.exe |
"{55DB36ED-ACCB-4C43-B88B-0538C89759E5}" = protocol=6 | dir=in | app=c:\users\noddyczech\appdata\roaming\utorrent\utorrent.exe |
"{57921C5F-EB00-4F99-87CF-49262C0746D6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{57C3F33A-CDAC-4027-9252-5A06D6946DB7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{5B1AE025-81D0-428F-B445-83869EA3322D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{5F9F14F4-F690-4613-A9DA-07014BB23844}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{612EF8DC-6E9F-46D7-822B-C314A26EE915}" = protocol=6 | dir=in | app=c:\users\noddyczech\desktop\starcraft ii\starcraft ii public test.exe |
"{62B562F3-E330-4499-A27D-A13313D2475E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\launcher.exe |
"{62DA5FEB-1A11-4CF1-9DE8-8050D8CE248E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6AEED579-8C42-4C85-BD99-5D42C845DAEB}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\bfh beta\bfh.exe |
"{6DCAAADD-A3F2-4A73-B078-B56061E18DD6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe |
"{6E8D638E-5648-4AC9-85B8-2608184F6401}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{70A249CC-F42E-40DC-976E-35F8B1D543E4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{72F6F287-6482-4040-AEDE-0DE2614A1103}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{7316184E-B622-46C9-81B9-D63CD607B346}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2787\agent.exe |
"{76967CB7-52D6-4F10-8E1E-57CA7D05C15C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risk of rain\risk of rain.exe |
"{7939A386-2596-4778-8260-B8C4FF6A6B31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{79D1F016-4761-4A9C-9E7E-E4A1CDF1E2EE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{7D086F31-14E4-47FA-9220-F38CA463173D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe |
"{7D1A3927-96D4-404F-AFA8-20CDB21294D8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{8A91116E-A828-423E-B2FD-DA3B58064F60}" = protocol=17 | dir=in | app=c:\users\noddyczech\desktop\starcraft ii\starcraft ii public test.exe |
"{8D607F93-4BEC-4A2E-A7C0-F777750D19DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
"{8E750D30-6BBC-4B24-9164-529D3171F36B}" = protocol=6 | dir=out | app=system |
"{8EFDB411-A3AD-4472-8236-9D511463D048}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9300107E-0410-45BC-9D61-E014F2361E90}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe |
"{93789622-738C-4ACF-AF75-944C00B9BEE1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rochard\rochard.exe |
"{9653F2D6-F269-4FF4-8804-189287B72F16}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98388612-EC3D-4B5F-A548-BD3AC4F91F11}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A7FD1CC5-B6BA-4D61-8EAD-09B8DF9D4E9E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rochard\rochard.exe |
"{A86E6733-2451-4EE4-80CC-00DA0D66FB05}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{AAEFE2C7-BB06-4DF1-BFB5-2F0A022DF383}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{AD3148AF-9770-4045-AEA7-B5F7BABF974A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{AF18B659-7E9A-4C49-8CE2-0278D48D6F03}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\red orchestra 2\binaries\win32\rogame.exe |
"{B033A40A-2AFC-42BA-8F14-303C37E8133A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B0A4F02A-58BD-429D-947F-A931A324329A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{B0D1176B-F136-482C-8C9B-C3036F6D6455}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{B3DBE98D-3B1B-493A-836D-657268DDBAD6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B4380163-B703-44FC-9458-703AAAD4FAE0}" = protocol=6 | dir=in | app=c:\program files (x86)\sony mobile\update service\update service.exe |
"{B690AF6B-A6A1-42C7-861C-4F9E43F7976B}" = protocol=6 | dir=in | app=c:\users\noddyczech\desktop\starcraft ii\starcraft ii.exe |
"{B6E89993-3CA6-4E6D-816A-1D68031D9F8B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{B7CD7A87-745A-4E51-B43C-F9D55FC79766}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe |
"{BAA112B6-8419-4050-AB49-3CD8243F4421}" = protocol=17 | dir=in | app=c:\users\noddyczech\desktop\starcraft ii\starcraft ii.exe |
"{BBEF8FDE-E707-451B-BD51-4842B1C5FC8A}" = protocol=17 | dir=in | app=c:\program files\avatron\air display\airdisplay.exe |
"{BC832670-85ED-4A79-8527-5EBA2A4FA663}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{BF5D54D4-622E-4A32-90E6-F98869663A57}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2717\agent.exe |
"{C08BEB00-58EE-4285-BD03-990AE9F264F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe |
"{C333D041-24B6-4B8F-86FD-45C4DD122EF1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe |
"{C44057F3-3E93-4CE0-ABCA-A1BF1EB298F0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{C4FB0A6F-DA56-4D82-9479-70CC8A7E1B21}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{C754ED82-1096-4E94-94A0-D35C95506080}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe |
"{C875177D-71FB-4780-853F-B64A99545631}" = protocol=17 | dir=in | app=c:\users\noddyczech\appdata\roaming\utorrent\utorrent.exe |
"{CC292F92-D0D6-474D-B0A9-550DC23B3D5D}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{CC5CB3CB-0510-444C-9B82-8F5A7CFFFAEC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CE203DE1-A100-4642-ABB7-5164F0EC1EA6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
"{D04C7AB3-AFAA-420D-B1E8-AD6F8BE70E86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mcpixel\mclauncher.exe |
"{D0EF1CB4-74BC-44CB-A772-8883A50F302F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{D3503702-EB0C-4501-AA17-920DE0510D1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dayz\dayz.exe |
"{D4AB8E4B-F5B1-443F-957A-F565861127DC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{D58975D1-4050-4F8C-A79F-F1E4D5C9DD71}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{D84C7689-4789-4B69-BAF4-D3B31BB89301}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\orion dino beatdown\binaries\win32\dinohordegame.exe |
"{DADE015D-87A5-4080-8F04-D726D0582D70}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DD472E72-D857-41B0-B23B-1A1F33D56E26}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{DDBA91FC-C4F6-429C-ACBB-6FE512E95B09}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe |
"{DF66DB86-1BBB-4A27-9488-73EEC7978BA7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{E204F311-8A54-46C6-9994-3B1084F4C387}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe |
"{E2335E43-A930-4C54-B532-C9C7D1ED30DB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\risk of rain\risk of rain.exe |
"{E25D6D90-A4EB-4661-998F-4760072037C4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{E2930A0B-E36E-4F27-AD6B-4629299F0EB4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E516B40F-58C8-468C-A436-19ABB08DCE04}" = protocol=6 | dir=in | app=c:\users\noddyczech\appdata\local\temp\kmsnano\qemu-system-i386.exe |
"{E66414AA-A241-4943-900E-8558693C459C}" = protocol=6 | dir=in | app=c:\program files (x86)\sony mobile\update engine\sony mobile update engine.exe |
"{E70E051A-0137-490C-9F51-05F26A9D9FDE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{E8C0709F-918E-4F12-9941-C6833532E27D}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{E9927A79-59D5-4E0E-AB7B-1E59D32073D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EDB28F66-351F-4C02-AD33-4B95352F7753}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe |
"{EDE851F5-D9C9-4A7F-B8EE-16FC8A728564}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{EE1D9EE0-0C94-4997-BC99-0025816C5DA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EE52AD49-20D1-4FF2-8912-A4130FC636DE}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\srserver.exe |
"{F037F9BA-8CF4-41A2-AE16-2376D1D5DFD3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty ghosts\iw6sp64_ship.exe |
"{F1618AEE-DDC3-41A2-B6A9-DB7C8E977646}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pid\pid.exe |
"{F1C9D5BB-8668-4855-86E0-6ADDA3B47A4E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F2A3052D-E45A-483F-82C3-4F22A30052AA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2 - multiplayer mod\jcmplauncher.exe |
"{F77CE52A-6E4E-4594-9123-90E90858465C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mcpixel\mclauncher.exe |
"{FAC8FEBB-E324-4D2F-A4D5-08382107E457}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD9F4289-F872-423D-BEB7-95E87EE1972D}" = protocol=17 | dir=in | app=c:\users\noddyczech\downloads\utorrent.exe |
"{FE36C121-4184-4FE2-90B6-6CACA485D63E}" = dir=in | app=c:\program files (x86)\splashtop\splashtop remote\server\dataproxy.exe |
"TCP Query User{32277D15-6EE8-433C-875C-B8F4FA53E639}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{3392A635-55A2-48F0-8EBF-3F14603AE069}C:\program files\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\java.exe |
"TCP Query User{5FCE024A-E8E6-45F7-831B-E177814EEAB9}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe |
"TCP Query User{65C275EF-CF7B-4841-9748-074F9927E64E}C:\program files (x86)\nvidia corporation\grid workspace\grid workspace.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\grid workspace\grid workspace.exe |
"TCP Query User{76C99527-0A4F-437A-9EFE-52E0716492A4}C:\users\noddyczech\downloads\98465461214-wttchdgs\98465461214-wttchdgs\watch_dogs\bin\watch_dogs.exe" = protocol=6 | dir=in | app=c:\users\noddyczech\downloads\98465461214-wttchdgs\98465461214-wttchdgs\watch_dogs\bin\watch_dogs.exe |
"TCP Query User{853B340F-F255-4C5A-816B-870E341D3765}C:\users\noddyczech\desktop\tftpd32.exe" = protocol=6 | dir=in | app=c:\users\noddyczech\desktop\tftpd32.exe |
"TCP Query User{D10FE68B-5DCE-4F62-BC61-2337BF7FFE01}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe |
"TCP Query User{DA51882D-2FFB-40B0-8721-4E6632156EBB}C:\users\noddyczech\downloads\remotecontrolserver.exe" = protocol=6 | dir=in | app=c:\users\noddyczech\downloads\remotecontrolserver.exe |
"TCP Query User{EBEBF86C-DA60-4340-B47D-BA5C6DA4B3C0}C:\users\noddyczech\desktop\ostatní\starcraft ii\versions\base28667\sc2.exe" = protocol=6 | dir=in | app=c:\users\noddyczech\desktop\ostatní\starcraft ii\versions\base28667\sc2.exe |
"TCP Query User{F3FD881E-5A33-4FBD-95E6-777B3D3496A4}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{224F17E7-DE78-487B-AACA-66837BF04BB7}C:\program files (x86)\nvidia corporation\grid workspace\grid workspace.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nvidia corporation\grid workspace\grid workspace.exe |
"UDP Query User{23D8C405-2AFD-4980-BDED-AD3D9B4C2807}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{27CD6643-1E67-4D40-960C-12F07DB87084}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{2F2E1574-25F2-4B21-8AFE-90BFF6EDC206}C:\users\noddyczech\desktop\ostatní\starcraft ii\versions\base28667\sc2.exe" = protocol=17 | dir=in | app=c:\users\noddyczech\desktop\ostatní\starcraft ii\versions\base28667\sc2.exe |
"UDP Query User{396D95AC-86CE-41F4-AA06-649B1A90E953}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe |
"UDP Query User{67E6331E-AC5E-468E-93AE-8ABC71790D86}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe |
"UDP Query User{69F1BF31-8486-4E9D-A04F-C1DCA3263174}C:\users\noddyczech\downloads\remotecontrolserver.exe" = protocol=17 | dir=in | app=c:\users\noddyczech\downloads\remotecontrolserver.exe |
"UDP Query User{7DE3A720-42FC-4B77-A101-2E355ACE2ECF}C:\users\noddyczech\desktop\tftpd32.exe" = protocol=17 | dir=in | app=c:\users\noddyczech\desktop\tftpd32.exe |
"UDP Query User{9A9C4F50-6921-46F3-8653-D92F71270BF1}C:\users\noddyczech\downloads\98465461214-wttchdgs\98465461214-wttchdgs\watch_dogs\bin\watch_dogs.exe" = protocol=17 | dir=in | app=c:\users\noddyczech\downloads\98465461214-wttchdgs\98465461214-wttchdgs\watch_dogs\bin\watch_dogs.exe |
"UDP Query User{B7953589-7C70-4CD3-848C-F9E107FC39EE}C:\program files\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\java.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26A24AE4-039D-4CA4-87B4-2F86417055FF}" = Java 7 Update 55 (64-bit)
"{29EEBD96-9884-4D52-AC41-F22E1CCA8399}" = Studie zlepšení produktu HP Officejet 6500 E710a-f
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{2EF4B467-D867-4CBF-A8E0-93C5BCA33743}" = Základní software zařízení HP Officejet 6500 E710a-f
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5A68A656-979F-4168-8795-E2E368AA4DC2}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{787136D2-F0F8-4625-AA3F-72D7795AC842}" = Apple Mobile Device Support
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0017-0405-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0100-0405-1000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2013
"{90150000-0101-0405-1000-0000000FF1CE}" = Microsoft X MUI (Czech) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.0.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GRIDProClient" = NVIDIA GRID Workspace
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 12.4.67
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.23
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{F51E7212-5D41-4EFA-9E92-BF23C98EBD71}" = Air Display Support
"Microsoft Security Client" = Microsoft Security Essentials
"Office15.OMUI.cs-cz" = Microsoft Office Language Pack 2013 - Czech/čeština
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{037CD593-D760-4A00-B030-7BBAFA1123FE}" = HP Officejet 6500 E710a-f Nápověda
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217051FF}" = Java 7 Update 55
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{418BAAD1-754D-48B4-B078-46EF4F25AF42}" = Google Drive
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0402.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU II
"{599276A7-F45D-40B1-A0B6-CF132A1CAD49}" = Battlefield™ Hardline Beta
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79BF4901-1EC4-4726-B3C2-A7859706C6E7}" = League of Legends
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B7C5EA94-B96A-41F5-BE95-25D78B486678}" = Splashtop Streamer
"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D9DAD0FF-495A-472B-9F10-BAE430A26682}" = Apple Application Support
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.206
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Afterburner" = MSI Afterburner 3.0.0
"Battlelog Web Plugins" = Battlelog Web Plugins
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dark Souls II_is1" = Dark Souls II
"Flashtool" = Flashtool
"Fraps" = Fraps (remove only)
"Google Chrome" = Google Chrome
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0402.1
"InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}" = GIGABYTE OC_GURU II
"InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B12.0206.1
"League of Legends 3.0.1" = League of Legends
"MagniDriver" = marvell 91xx driver
"Mirror's Edge_R.G. Mechanics_is1" = Mirror's Edge
"Mozilla Firefox 29.0.1 (x86 cs)" = Mozilla Firefox 29.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OnLive" = OnLive
"Origin" = Origin
"PunkBusterSvc" = PunkBuster Services
"Rainmeter" = Rainmeter
"Splashtop Software Updater" = Splashtop Software Updater
"StarCraft II" = StarCraft II
"Steam" = Steam
"Steam App 104900" = ORION: Dino Horde
"Steam App 107800" = Rochard
"Steam App 201790" = Orcs Must Die! 2
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 20500" = Red Faction: Guerrilla
"Steam App 209160" = Call of Duty: Ghosts
"Steam App 209170" = Call of Duty: Ghosts - Multiplayer
"Steam App 20920" = The Witcher 2: Assassins of Kings Enhanced Edition
"Steam App 21100" = F.E.A.R. 3
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 218620" = PAYDAY 2
"Steam App 218740" = Pid
"Steam App 220860" = McPixel
"Steam App 221100" = DayZ
"Steam App 231430" = Company of Heroes 2
"Steam App 248820" = Risk of Rain
"Steam App 259080" = Just Cause 2: Multiplayer Mod
"Steam App 265930" = Goat Simulator
"Steam App 272350" = Tom Clancy's Ghost Recon Phantoms - EU
"Steam App 35450" = Rising Storm/Red Orchestra 2 Multiplayer
"Steam App 4000" = Garry's Mod
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 620" = Portal 2
"Steam App 63380" = Sniper Elite V2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 8190" = Just Cause 2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"The Forest 1.0" = The Forest 1.0
"Tongbu2" = Tongbu Assistant 2.1.7.0
"Unigine Heaven Benchmark (Basic Edition)_is1" = Heaven Benchmark version 4.0
"Update Engine" = Sony Mobile Update Engine
"Update Service" = Sony Mobile Update Service
"Uplay" = Uplay
"VLC media player" = VLC media player 2.1.3
"WATCH_DOGS_is1" = WATCH_DOGS
"Wolfenstein The New Order_is1" = Wolfenstein The New Order

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-759392122-1515027182-328857685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 15.6.2014 9:49:20 | Computer Name = Noddy | Source = WinMgmt | ID = 10
Description =

Error - 15.6.2014 9:55:19 | Computer Name = Noddy | Source = WinMgmt | ID = 10
Description =

Error - 16.6.2014 0:51:33 | Computer Name = Noddy | Source = WinMgmt | ID = 10
Description =

Error - 16.6.2014 1:04:38 | Computer Name = Noddy | Source = NvStreamSvc | ID = 131073
Description =

Error - 16.6.2014 1:04:38 | Computer Name = Noddy | Source = NvStreamSvc | ID = 131073
Description =

Error - 16.6.2014 1:05:20 | Computer Name = Noddy | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Rainmeter.exe, verze: 3.0.2.2161, časové
razítko: 0x52701dcd Název chybujícího modulu: ole32.dll, verze: 6.1.7601.17514,
časové razítko: 0x4ce7c92c Kód výjimky: 0xc0000096 Posun chyby: 0x0000000000182948
ID
chybujícího procesu: 0x7f0 Čas spuštění chybující aplikace: 0x01cf8920629a405c Cesta
k chybující aplikaci: C:\Program Files\Rainmeter\Rainmeter.exe Cesta k chybujícímu
modulu: C:\Windows\system32\ole32.dll ID zprávy: cfe09b29-f513-11e3-bf2d-902b3437186a

Error - 16.6.2014 1:05:20 | Computer Name = Noddy | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru z jednoho z těchto
důvodů: došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen,
nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí. Systém
Windows kvůli této chybě ukončil program Rainmeter. Program: Rainmeter Soubor: Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: 00000000 Typ disku: 0

Error - 16.6.2014 1:05:20 | Computer Name = Noddy | Source = WinMgmt | ID = 10
Description =

Error - 16.6.2014 8:26:43 | Computer Name = Noddy | Source = WinMgmt | ID = 10
Description =

Error - 17.6.2014 0:13:13 | Computer Name = Noddy | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 16.6.2014 1:00:27 | Computer Name = Noddy | Source = MCUpdate | ID = 0
Description = 7:00:27 - Chyba při připojování k Internetu 7:00:27 - Nelze kontaktovat
server..

Error - 16.6.2014 1:00:57 | Computer Name = Noddy | Source = MCUpdate | ID = 0
Description = 7:00:33 - Chyba při připojování k Internetu 7:00:33 - Nelze kontaktovat
server..

[ System Events ]
Error - 16.6.2014 1:02:37 | Computer Name = Noddy | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 16.6.2014 1:03:30 | Computer Name = Noddy | Source = Service Control Manager | ID = 7000
Description = Služba MBAMProtector neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 16.6.2014 1:03:39 | Computer Name = Noddy | Source = Service Control Manager | ID = 7000
Description = Služba MBAMScheduler neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 16.6.2014 1:03:39 | Computer Name = Noddy | Source = Service Control Manager | ID = 7001
Description = Služba MBAMService závisí na službě MBAMProtector, která neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 16.6.2014 8:24:53 | Computer Name = Noddy | Source = Service Control Manager | ID = 7000
Description = Služba MBAMProtector neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 16.6.2014 8:25:02 | Computer Name = Noddy | Source = Service Control Manager | ID = 7000
Description = Služba MBAMScheduler neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 16.6.2014 8:25:02 | Computer Name = Noddy | Source = Service Control Manager | ID = 7001
Description = Služba MBAMService závisí na službě MBAMProtector, která neuspěla
při spuštění v důsledku následující chyby: %%2

Error - 17.6.2014 0:11:24 | Computer Name = Noddy | Source = Service Control Manager | ID = 7000
Description = Služba MBAMProtector neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 17.6.2014 0:11:35 | Computer Name = Noddy | Source = Service Control Manager | ID = 7000
Description = Služba MBAMScheduler neuspěla při spuštění v důsledku následující
chyby: %%2

Error - 17.6.2014 0:11:35 | Computer Name = Noddy | Source = Service Control Manager | ID = 7001
Description = Služba MBAMService závisí na službě MBAMProtector, která neuspěla
při spuštění v důsledku následující chyby: %%2


< End of report >

[Márty84]

Vypnete antivir, at nebrani programu v praci.
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
MBAMProtector
gupdate
MBAMService
MBAMScheduler
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf4a44321f8b3d.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-759392122-1515027182-328857685-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tongbu.com/tongbu,version=0.1: C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
O4 - HKLM..\Run: [] File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[4 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F72C8153-7140-4FEE-8F69-CA4579D71195}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
"{8dcb7100-df86-4384-8842-8fa844297b3f}"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[NoddyCzech]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: HomeGroupUser$
->Temp folder emptied: 0 bytes

User: NoddyCzech
->Temp folder emptied: 45576 bytes
->Temporary Internet Files folder emptied: 6531916 bytes
->Java cache emptied: 298276 bytes
->FireFox cache emptied: 359874620 bytes
->Google Chrome cache emptied: 367454392 bytes
->Flash cache emptied: 1354 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 27784 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43277810 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 741,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: Guest

User: HomeGroupUser$

User: NoddyCzech
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service MBAMProtector stopped successfully!
Service MBAMProtector deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service MBAMService stopped successfully!
Service MBAMService deleted successfully!
Service MBAMScheduler stopped successfully!
Service MBAMScheduler deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf4a44321f8b3d.job moved successfully.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-759392122-1515027182-328857685-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully.
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tongbu.com/tongbu,version=0.1\ deleted successfully.
C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll moved successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin\ deleted successfully.
File C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\E&xportovat do aplikace Microsoft Excel\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9241.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI3766.tmp deleted successfully.
C:\Windows\Installer\MSI3767.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F72C8153-7140-4FEE-8F69-CA4579D71195}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72C8153-7140-4FEE-8F69-CA4579D71195}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 06172014_202500

Files\Folders moved on Reboot...
File move failed. C:\Users\NoddyCzech\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395c8fd8a849_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\NoddyCzech\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\6d1026b4fa6d4c49d77d65f8805a9c0_fce8395c8fd8a849_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\NoddyCzech\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\NoddyCzech\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

Prejmenujte ComboFix na Uninstall a spustte ho. CF by se mel odinstalovat.

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.piriform.com/ccleaner/download/slim a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

[NoddyCzech]

Po tom co OTC restartovalo počítač byl zase zásek Jinak teď dělám defragmentaci a ta bude nejspíš na dýl

[Márty84]

Az dobehne, dejte vedet, jak to vypada. Pokud to bude pokracovat, haveti to bohuzel nebude.

[NoddyCzech]

Po zkušebním restartu už pc vůbec nenaskočí... Nejde jít ani do BIOSu, každopádně děkuji za vaši snahu.
*Edit: počítač asi po půl hodině naskočil, vypadalo to jako kdyby byl v režimu spánku ale přitom se zaseknul na té "BIOS obrazovce", asi to opravdu bude i hw chyba

[Márty84]

Zkuste, jestli jsou problemy se startem i do nouzoveho rezimu.