Please check my log

martafan
Visitor
Posts: 34
Registered: 12 Feb 2014 19:44

#1 Post by martafan »

Hello, please check my RSIT log; the computer seems slow to me. Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Owner at 2014-07-02 20:36:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 186 GB (26%) free of 715 GB
Total RAM: 6038 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:47, on 2.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
C:\Program Files (x86)\Genius\Maurus\mousehid.exe
C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Chicony_OSD] "C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe"
O4 - HKLM\..\Run: [Maurus] C:\Program Files (x86)\Genius\Maurus\mousehid.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN33B1NG3805TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe" /MINIMIZED
O4 - Startup: Monitor technologie Intel(R) Turbo Boost 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: ChiconyOSDService (OSDSvc) - Chicony - C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10982 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\SysWOW64\ezSharedSvcHost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "-13527686592053213957-727553905-643824075662728203-1087567919-1444914519-3993967
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\SysWOW64\rundll32.exe" C:\windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN33B1NG3805TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN33B1NG3805TY;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe"
"C:\Program Files (x86)\Genius\Maurus\mousehid.exe"
"Apntex.exe"
"C:\Program Files\DellTPad\HidFind.exe"
\??\C:\windows\system32\conhost.exe "18465616251777613398-2109233880698680425-2050996515157977440173242895-438674422
"C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe"
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe"
C:\windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
"C:\Program Files\My Dell\imstrayicon.exe"
"C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe" /LAUNCHED
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskhost.exe C:\windows\system32\defrag.exe -c
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe130_ Global\UsGthrCtrlFltPipeMssGthrPipe130 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Owner\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore1cf6aaf336911e0.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bfc68f64773.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001Core1cf4c47c02b066f.job - C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001UA1cf6b52a585a103.job - C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\extensions\
{0545b830-f0aa-4d7e-8820-50a4629a56fe}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-05-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-05-20 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2014-05-14 1730264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-08-04 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-08-04 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-08-04 416024]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-05-25 7214696]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-12 609144]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2013-12-10 1100248]
"Cm108Sound"=C:\windows\syswow64\RunDll32.exe [2009-07-14 44544]
"AtherosBtStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2011-05-20 627360]
"AthBtTray"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [2011-05-20 379552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 3510 series (NET)"=C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-05 116648]
"uTorrent"=C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe [2014-07-02 1322832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"Chicony_OSD"=C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe [2011-01-12 53248]
""= []
"Maurus"=C:\Program Files (x86)\Genius\Maurus\mousehid.exe [2011-11-14 300544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Monitor technologie Intel(R) Turbo Boost 2.0.lnk - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk - C:\windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-07-19 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"midi1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"midi6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"midi7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-07-02 20:36:44 ----D---- C:\rsit
2014-06-25 20:44:35 ----A---- C:\windows\SYSWOW64\BnetLog.txt
2014-06-22 14:29:40 ----D---- C:\Users\Owner\AppData\Roaming\NVIDIA
2014-06-21 18:01:48 ----A---- C:\BnetLog.txt
2014-06-21 17:41:16 ----D---- C:\Program Files (x86)\Diablo II
2014-06-21 01:46:03 ----D---- C:\ProgramData\RELOADED
2014-06-21 01:41:06 ----D---- C:\Program Files (x86)\Torchlight II
2014-06-19 17:40:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-10 19:24:06 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 19:24:06 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\urlmon.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\msfeeds.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-10 19:24:05 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-10 19:24:04 ----A---- C:\windows\system32\iesetup.dll
2014-06-10 19:24:04 ----A---- C:\windows\system32\iertutil.dll
2014-06-10 19:24:04 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-06-10 19:24:03 ----A---- C:\windows\system32\jsproxy.dll
2014-06-10 19:24:03 ----A---- C:\windows\system32\iernonce.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\mshtmled.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-10 19:24:02 ----A---- C:\windows\system32\ieui.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\ieframe.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\dxtrans.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\wininet.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\vbscript.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\msrating.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\jscript9.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-10 19:24:00 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-10 19:24:00 ----A---- C:\windows\system32\mshtml.dll
2014-06-10 19:21:22 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 19:21:22 ----A---- C:\windows\system32\rdpcorets.dll
2014-06-10 19:21:20 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-10 19:21:20 ----A---- C:\windows\system32\drivers\netio.sys
2014-06-10 19:21:20 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-10 19:21:19 ----A---- C:\windows\SYSWOW64\usp10.dll
2014-06-10 19:21:19 ----A---- C:\windows\system32\usp10.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml6r.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml6.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml3r.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml3.dll
2014-06-10 19:21:16 ----A---- C:\windows\system32\aepdu.dll
2014-06-10 19:21:16 ----A---- C:\windows\system32\aeinv.dll
2014-06-06 19:07:40 ----D---- C:\Users\Owner\AppData\Roaming\Battle.net
2014-06-06 19:07:24 ----D---- C:\Program Files (x86)\Battle.net
2014-06-06 19:01:15 ----D---- C:\Program Files (x86)\Battle.net.temp
2014-06-05 22:36:44 ----A---- C:\windows\SYSWOW64\nvStreaming.exe
2014-06-05 22:36:31 ----D---- C:\windows\SYSWOW64\NV
2014-06-05 22:36:31 ----D---- C:\windows\system32\NV
2014-06-05 22:31:31 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2014-06-05 22:31:31 ----A---- C:\windows\system32\nvwgf2umx.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvopencl.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvoglv64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvoglshim64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvinitx.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\NvIFR64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\NvFBC64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvdispgenco6433788.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvdispco6433788.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvd3dumx.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcuvid.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcuvenc.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcuda.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcompiler.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2014-06-05 22:31:30 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2014-06-05 22:31:30 ----A---- C:\windows\system32\drivers\nvkflt.sys

======List of files/folders modified in the last 1 month======

2014-07-02 20:36:47 ----D---- C:\windows\Prefetch
2014-07-02 20:36:46 ----D---- C:\Program Files\trend micro
2014-07-02 20:36:18 ----D---- C:\windows\temp
2014-07-02 20:34:31 ----D---- C:\Users\Owner\AppData\Roaming\uTorrent
2014-07-02 18:59:10 ----D---- C:\windows\system32\config
2014-07-02 18:26:28 ----D---- C:\windows\System32
2014-07-02 18:26:28 ----D---- C:\windows\inf
2014-07-02 18:26:28 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-07-02 11:45:20 ----SHD---- C:\System Volume Information
2014-07-02 10:13:59 ----D---- C:\windows\system32\drivers
2014-06-28 03:42:04 ----D---- C:\Filmy
2014-06-28 03:38:44 ----D---- C:\Users\Owner\AppData\Roaming\Nero
2014-06-28 01:45:05 ----SD---- C:\Users\Owner\AppData\Roaming\Microsoft
2014-06-27 17:06:24 ----A---- C:\windows\SYSWOW64\log.txt
2014-06-27 17:03:55 ----D---- C:\ProgramData\NVIDIA
2014-06-26 21:03:41 ----D---- C:\ProgramData\PCDr
2014-06-25 20:44:42 ----D---- C:\windows\SysWOW64
2014-06-25 20:44:27 ----D---- C:\windows\system32\Tasks
2014-06-25 20:36:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-21 17:53:13 ----RD---- C:\Program Files (x86)
2014-06-21 01:46:03 ----D---- C:\ProgramData
2014-06-19 22:29:04 ----SHD---- C:\windows\Installer
2014-06-19 22:24:02 ----D---- C:\windows\Tasks
2014-06-12 07:12:54 ----D---- C:\windows\rescache
2014-06-11 17:24:45 ----D---- C:\Program Files (x86)\Diablo III
2014-06-10 19:42:46 ----D---- C:\windows\winsxs
2014-06-10 19:40:25 ----D---- C:\Program Files\Internet Explorer
2014-06-10 19:40:24 ----D---- C:\windows\SYSWOW64\en-US
2014-06-10 19:40:24 ----D---- C:\windows\system32\en-US
2014-06-10 19:40:24 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-10 19:40:23 ----D---- C:\windows\system32\DriverStore
2014-06-10 19:39:47 ----D---- C:\windows\system32\MRT
2014-06-10 19:36:08 ----A---- C:\windows\system32\MRT.exe
2014-06-10 19:35:38 ----RSD---- C:\windows\assembly
2014-06-10 19:35:18 ----D---- C:\ProgramData\Microsoft Help
2014-06-10 19:30:28 ----SD---- C:\windows\system32\CompatTel
2014-06-10 19:27:36 ----D---- C:\windows\system32\catroot2
2014-06-10 19:21:06 ----D---- C:\windows\system32\catroot
2014-06-09 17:57:53 ----D---- C:\Mp3
2014-06-09 06:48:59 ----D---- C:\ProgramData\AlawarWrapper
2014-06-07 20:08:28 ----D---- C:\Games Install
2014-06-06 19:03:28 ----AD---- C:\Windows
2014-06-05 22:37:07 ----D---- C:\temp
2014-06-05 22:36:50 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-05-20 32544]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-10-28 381440]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 nvkflt;nvkflt; C:\windows\system32\DRIVERS\nvkflt.sys [2014-05-20 301512]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 TurboB;Turbo Boost UI Monitor driver; C:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\windows\system32\DRIVERS\Apfiltr.sys [2011-05-13 363856]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-20 36000]
R3 athr;Dell Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-21 2727424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-20 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-20 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-20 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-20 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-20 154272]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-20 282272]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2013-07-02 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2013-07-02 80384]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-07-19 12287456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-05-31 2886888]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\windows\System32\Drivers\AthDfu.sys [2011-05-20 51872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2013-07-01 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2013-07-02 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dgderdrv;dgderdrv; C:\windows\System32\drivers\dgderdrv.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBPNPA;USB PnP Sound Device Interface; C:\windows\system32\drivers\CM10864.sys [2013-02-01 4333568]
S3 usbrndis6;Adaptér USB RNDIS6; C:\windows\system32\DRIVERS\usb80236.sys [2013-07-02 19968]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-20 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2011-05-20 80032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 ezSharedSvc;Easybits Services for Windows; C:\windows\syswow64\ezSharedSvcHost.exe [2013-07-25 517632]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 OSDSvc;ChiconyOSDService; C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe [2010-12-01 176128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-12 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-19 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-10-14 1255736]
S4 NetMsmqActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#2 Post by Márty84 »

Hello :)

:arrow: Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Clean.
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can write to me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#3 Post by martafan »

Here is the log

# AdwCleaner v3.214 - Report created 03/07/2014 at 08:24:54
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - VERUNKA
# Running from : C:\Users\Owner\Desktop\adwcleaner_3.214.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Users\Owner\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Owner\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
File Deleted : C:\Users\Owner\daemonprocess.txt

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DCABB943-792E-44C4-9029-ECBEE6265AF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKLM\Software\GoforFiles

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (cs)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R1].txt - [1905 octets] - [03/07/2014 08:23:43]
AdwCleaner[S1].txt - [1765 octets] - [03/07/2014 08:24:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1825 octets] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#4 Post by Márty84 »

:arrow: Run a scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#5 Post by martafan »

log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3.7.2014
Scan Time: 15:57:36
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.03.03
Rootkit Database: v2014.07.01.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 513650
Time Elapsed: 1 hr, 21 min, 40 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 3
PUP.RiskwareTool.CK, C:\Users\Owner\Downloads\Nero 2014 Platinum 15.0.07700\Crack.rar, , [75aa3c5f85f6cd695d6f1690e0205da3],
PUP.RiskwareTool.CK, C:\Install\Nero\Nero_Patch\nero-patch.exe, , [73ac8b10e8939e98319b2b7b16ea6799],
PUP.Riskware.Patcher, C:\Install\Nero\Patch.ONLY.IF.SERIAL.DONT.WORK\nero.14.platinum.v15.0_patch.exe, , [fe21c9d277041f17e55517fb59a8b54b],

Physical Sectors: 0
(No malicious items detected)


(end)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#6 Post by Márty84 »

:arrow: I recommend removing the detected items, then uninstall MBAM.

:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
Click Úpravy (Edit) at the top and then Kopírovat (Copy). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#7 Post by martafan »

Here it is, then:

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x64)
Date : 2014/07/03 19:09:56

-- Controller Map ----------------------------------------------------------
+ Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C03 [ATA]
+ ATA Channel 0 (0)
- ST9750420AS ATA Device
+ ATA Channel 1 (1)
- TSSTcorp DVD+-RW SN-208BB ATA Device
- ATA Channel 4 (4)

-- Disk List ---------------------------------------------------------------
(1) ST9750420AS : 750,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9750420AS
----------------------------------------------------------------------------
Model : ST9750420AS
Firmware : 0002DEM1
Serial Number : 5WS34A31
Disk Size : 750,1 GB (8,4/137,4/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/300
Power On Hours : 9523 hod.
Power On Count : 1237 krát
Host Reads : 498 GB
Host Writes : 1462 GB
Temparature : 43 C (109 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 113 _90 __6 0000030E0FE0 Počet chyb čtení
03 _98 _98 _85 000000000000 Čas na roztočení ploten
04 _98 _98 _20 0000000009AC Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _80 _60 _30 0000062FECE9 Počet chybných hledání
09 _90 _90 __0 000000002533 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 0000000004D5 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB __1 __1 __0 0000000000B1 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000005 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _57 _42 _45 BFCF3414002B Teplota toku vzduchu
BF 100 100 __0 00000000006A Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000064 Počet vypnutí disku
C1 _68 _68 __0 000000010000 Počet cyklů načítání/vymazání
C2 _43 _58 __0 00100000002B Teplota
C3 113 _99 __0 0000030E0FE0 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 1E880000247A Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000B6D6CBB4 Total LBAs Written
F2 100 253 __0 00003E545928 Total LBAs Read
FE 100 100 __0 000000000000 Ochrana proti pádu


Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#8 Post by Márty84 »

The disk is reporting a lot of errors, which may also be the cause of the problem. We'll see after the cleanup is finished.

Post a new RSIT log.

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#9 Post by martafan »

RSIT log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Owner at 2014-07-04 15:47:24
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 180 GB (25%) free of 715 GB
Total RAM: 6038 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:26, on 4.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
C:\Program Files (x86)\Genius\Maurus\mousehid.exe
C:\Program Files\trend micro\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Chicony_OSD] "C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe"
O4 - HKLM\..\Run: [Maurus] C:\Program Files (x86)\Genius\Maurus\mousehid.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [HP Deskjet 3510 series (NET)] "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN33B1NG3805TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe" /MINIMIZED
O4 - Startup: Monitor technologie Intel(R) Turbo Boost 2.0.lnk = C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll, C:\windows\SysWOW64\nvinit.dll
O23 - Service: ABBYY FineReader 9.0 Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: ChiconyOSDService (OSDSvc) - Chicony - C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10931 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\windows\SysWOW64\ezSharedSvcHost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\windows\system32\rundll32.exe" Shell32.dll,Control_RunDLL mmsys.cpl
"taskhost.exe"
C:\windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "-1414884138776380407166517467-493008364-667647005-370960392105328154-704458254
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\SysWOW64\rundll32.exe" C:\windows\Syswow64\cm108.dll,CMICtrlWnd
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN33B1NG3805TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1
"C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe" /MINIMIZED
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE" /tsr
"C:\windows\system32\RunDll32.exe" "C:\Program Files\HP\HP Deskjet 3510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN33B1NG3805TY;CONNECTION=NW;MONITOR=1;
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\windows\system32\conhost.exe "63842941526438664010672491681882721699-1795965945-1390000498-188633758-1903938440
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe"
"C:\Program Files (x86)\Genius\Maurus\mousehid.exe"
"C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe"
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Microsoft Office\Office15\EXCEL.EXE" -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\My Dell\imstrayicon.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\igfxsrvc.exe -Embedding
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Owner\Desktop\RSITx64.exe"
"C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1cf6aaf336911e0.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bfc68f64773.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001Core1cf4c47c02b066f.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001UA1cf6b52a585a103.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default

prefs.js - "browser.startup.homepage" - "chrome://speeddial/content/speeddial.xul"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\extensions\
{0545b830-f0aa-4d7e-8820-50a4629a56fe}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-05-21 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL [2014-05-14 2335960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-05-21 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2011-05-20 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~2\Office15\GROOVEEX.DLL [2014-05-14 1730264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-08-04 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-08-04 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-08-04 416024]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-05-25 7214696]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-12 609144]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2013-09-12 5618456]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2013-12-10 2279712]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2013-12-10 1100248]
"Cm108Sound"=C:\windows\syswow64\RunDll32.exe [2009-07-14 44544]
"AtherosBtStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2011-05-20 627360]
"AthBtTray"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [2011-05-20 379552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 3510 series (NET)"=C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Google Update"=C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-05 116648]
"uTorrent"=C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe [2014-07-02 1322832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"Chicony_OSD"=C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe [2011-01-12 53248]
""= []
"Maurus"=C:\Program Files (x86)\Genius\Maurus\mousehid.exe [2011-11-14 300544]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Monitor technologie Intel(R) Turbo Boost 2.0.lnk - C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk - C:\windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll, C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-07-19 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"EnableShellExecuteHooks"=1
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"midi1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"midi5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"midi6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"midi7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-07-03 17:20:43 ----A---- C:\log.txt
2014-07-03 15:34:26 ----A---- C:\windows\system32\wups2.dll
2014-07-03 15:34:26 ----A---- C:\windows\system32\wucltux.dll
2014-07-03 15:34:26 ----A---- C:\windows\system32\wuaueng.dll
2014-07-03 15:34:26 ----A---- C:\windows\system32\wuauclt.exe
2014-07-03 15:34:16 ----A---- C:\windows\SYSWOW64\wups.dll
2014-07-03 15:34:16 ----A---- C:\windows\SYSWOW64\wudriver.dll
2014-07-03 15:34:16 ----A---- C:\windows\SYSWOW64\wuapi.dll
2014-07-03 15:34:16 ----A---- C:\windows\system32\wups.dll
2014-07-03 15:34:16 ----A---- C:\windows\system32\wudriver.dll
2014-07-03 15:34:16 ----A---- C:\windows\system32\wuapi.dll
2014-07-03 15:34:00 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2014-07-03 15:34:00 ----A---- C:\windows\SYSWOW64\wuapp.exe
2014-07-03 15:34:00 ----A---- C:\windows\system32\wuwebv.dll
2014-07-03 15:34:00 ----A---- C:\windows\system32\wuapp.exe
2014-07-03 13:53:22 ----D---- C:\ProgramData\Malwarebytes
2014-07-03 08:24:06 ----A---- C:\windows\SYSWOW64\sqlite3.dll
2014-07-03 08:23:41 ----D---- C:\AdwCleaner
2014-07-02 20:36:44 ----D---- C:\rsit
2014-06-25 20:44:35 ----A---- C:\windows\SYSWOW64\BnetLog.txt
2014-06-22 14:29:40 ----D---- C:\Users\Owner\AppData\Roaming\NVIDIA
2014-06-21 18:01:48 ----A---- C:\BnetLog.txt
2014-06-21 17:41:16 ----D---- C:\Program Files (x86)\Diablo II
2014-06-21 01:46:03 ----D---- C:\ProgramData\RELOADED
2014-06-21 01:41:06 ----D---- C:\Program Files (x86)\Torchlight II
2014-06-19 17:40:21 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-06-10 19:24:07 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-06-10 19:24:06 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-06-10 19:24:06 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 19:24:06 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-06-10 19:24:05 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\urlmon.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\msfeeds.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-10 19:24:05 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-10 19:24:05 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-10 19:24:04 ----A---- C:\windows\system32\iesetup.dll
2014-06-10 19:24:04 ----A---- C:\windows\system32\iertutil.dll
2014-06-10 19:24:04 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-06-10 19:24:03 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-06-10 19:24:03 ----A---- C:\windows\system32\jsproxy.dll
2014-06-10 19:24:03 ----A---- C:\windows\system32\iernonce.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\mshtmled.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-10 19:24:02 ----A---- C:\windows\system32\ieui.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\ieframe.dll
2014-06-10 19:24:02 ----A---- C:\windows\system32\dxtrans.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\wininet.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\vbscript.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\msrating.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\jscript9.dll
2014-06-10 19:24:01 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-10 19:24:00 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-10 19:24:00 ----A---- C:\windows\system32\mshtml.dll
2014-06-10 19:21:22 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-10 19:21:22 ----A---- C:\windows\system32\rdpcorets.dll
2014-06-10 19:21:20 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-10 19:21:20 ----A---- C:\windows\system32\drivers\netio.sys
2014-06-10 19:21:20 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-10 19:21:19 ----A---- C:\windows\SYSWOW64\usp10.dll
2014-06-10 19:21:19 ----A---- C:\windows\system32\usp10.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml6.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-06-10 19:21:18 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml6r.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml6.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml3r.dll
2014-06-10 19:21:18 ----A---- C:\windows\system32\msxml3.dll
2014-06-10 19:21:16 ----A---- C:\windows\system32\aepdu.dll
2014-06-10 19:21:16 ----A---- C:\windows\system32\aeinv.dll
2014-06-06 19:07:40 ----D---- C:\Users\Owner\AppData\Roaming\Battle.net
2014-06-06 19:07:24 ----D---- C:\Program Files (x86)\Battle.net
2014-06-06 19:01:15 ----D---- C:\Program Files (x86)\Battle.net.temp
2014-06-05 22:36:44 ----A---- C:\windows\SYSWOW64\nvStreaming.exe
2014-06-05 22:36:31 ----D---- C:\windows\SYSWOW64\NV
2014-06-05 22:36:31 ----D---- C:\windows\system32\NV
2014-06-05 22:31:31 ----A---- C:\windows\SYSWOW64\nvwgf2um.dll
2014-06-05 22:31:31 ----A---- C:\windows\system32\nvwgf2umx.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvopencl.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvoglv32.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvoglshim32.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\NvIFR.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\NvFBC.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcuvid.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcuvenc.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcuda.dll
2014-06-05 22:31:30 ----A---- C:\windows\SYSWOW64\nvcompiler.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvopencl.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvoglv64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvoglshim64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvinitx.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\NvIFR64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\NvFBC64.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvdispgenco6433788.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvdispco6433788.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvd3dumx.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcuvid.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcuvenc.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcuda.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\nvcompiler.dll
2014-06-05 22:31:30 ----A---- C:\windows\system32\drivers\nvpciflt.sys
2014-06-05 22:31:30 ----A---- C:\windows\system32\drivers\nvlddmkm.sys
2014-06-05 22:31:30 ----A---- C:\windows\system32\drivers\nvkflt.sys

======List of files/folders modified in the last 1 month======

2014-07-04 15:47:26 ----D---- C:\windows\Prefetch
2014-07-04 15:47:25 ----D---- C:\Program Files\trend micro
2014-07-04 15:43:10 ----D---- C:\Users\Owner\AppData\Roaming\uTorrent
2014-07-04 15:35:40 ----D---- C:\windows\temp
2014-07-04 14:40:38 ----D---- C:\windows\system32\config
2014-07-04 14:32:30 ----D---- C:\windows\system32\drivers
2014-07-04 14:22:04 ----D---- C:\windows\System32
2014-07-04 14:22:04 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-07-04 14:22:03 ----D---- C:\windows\inf
2014-07-03 19:09:06 ----D---- C:\Install
2014-07-03 19:06:48 ----RD---- C:\Program Files (x86)
2014-07-03 19:05:08 ----A---- C:\windows\SYSWOW64\log.txt
2014-07-03 19:02:51 ----D---- C:\ProgramData\NVIDIA
2014-07-03 19:01:32 ----D---- C:\windows\ModemLogs
2014-07-03 15:51:19 ----D---- C:\windows\winsxs
2014-07-03 15:50:54 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-07-03 15:50:54 ----D---- C:\windows\SysWOW64
2014-07-03 15:50:54 ----D---- C:\windows\system32\cs-CZ
2014-07-03 15:50:47 ----D---- C:\windows\IME
2014-07-03 15:34:33 ----D---- C:\windows\system32\catroot
2014-07-03 15:33:52 ----SHD---- C:\System Volume Information
2014-07-03 13:53:22 ----D---- C:\ProgramData
2014-07-02 21:46:26 ----D---- C:\ProgramData\PCDr
2014-06-28 03:42:04 ----D---- C:\Filmy
2014-06-28 03:38:44 ----D---- C:\Users\Owner\AppData\Roaming\Nero
2014-06-28 01:45:05 ----SD---- C:\Users\Owner\AppData\Roaming\Microsoft
2014-06-25 20:44:27 ----D---- C:\windows\system32\Tasks
2014-06-25 20:36:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 22:29:04 ----SHD---- C:\windows\Installer
2014-06-19 22:24:02 ----D---- C:\windows\Tasks
2014-06-12 07:12:54 ----D---- C:\windows\rescache
2014-06-11 17:24:45 ----D---- C:\Program Files (x86)\Diablo III
2014-06-10 19:40:25 ----D---- C:\Program Files\Internet Explorer
2014-06-10 19:40:24 ----D---- C:\windows\SYSWOW64\en-US
2014-06-10 19:40:24 ----D---- C:\windows\system32\en-US
2014-06-10 19:40:24 ----D---- C:\Program Files (x86)\Internet Explorer
2014-06-10 19:40:23 ----D---- C:\windows\system32\DriverStore
2014-06-10 19:39:47 ----D---- C:\windows\system32\MRT
2014-06-10 19:36:08 ----A---- C:\windows\system32\MRT.exe
2014-06-10 19:35:38 ----RSD---- C:\windows\assembly
2014-06-10 19:35:18 ----D---- C:\ProgramData\Microsoft Help
2014-06-10 19:30:28 ----SD---- C:\windows\system32\CompatTel
2014-06-10 19:27:36 ----D---- C:\windows\system32\catroot2
2014-06-09 17:57:53 ----D---- C:\Mp3
2014-06-07 20:08:28 ----D---- C:\Games Install
2014-06-06 19:03:28 ----AD---- C:\Windows
2014-06-05 22:37:07 ----D---- C:\temp
2014-06-05 22:36:50 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2013-09-17 62136]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-05-20 32544]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2013-10-28 381440]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2013-09-17 239320]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2013-09-17 168256]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2013-09-17 44120]
R1 nvkflt;nvkflt; C:\windows\system32\DRIVERS\nvkflt.sys [2014-05-20 301512]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2013-09-17 220232]
R2 TurboB;Turbo Boost UI Monitor driver; C:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\windows\system32\DRIVERS\Apfiltr.sys [2011-05-13 363856]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-05-20 36000]
R3 athr;Dell Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-04-21 2727424]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-05-20 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-05-20 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-05-20 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-05-20 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-05-20 154272]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-05-20 282272]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\windows\system32\DRIVERS\BthMtpEnum.sys [2009-07-14 64512]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2013-07-02 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2013-07-02 80384]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-07-19 12287456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-05-31 2886888]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2013-12-05 39200]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\windows\System32\Drivers\AthDfu.sys [2011-05-20 51872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2013-07-01 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2013-07-02 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 dgderdrv;dgderdrv; C:\windows\System32\drivers\dgderdrv.sys []
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 USBPNPA;USB PnP Sound Device Interface; C:\windows\system32\drivers\CM10864.sys [2013-02-01 4333568]
S3 usbrndis6;Adaptér USB RNDIS6; C:\windows\system32\DRIVERS\usb80236.sys [2013-07-02 19968]
S3 usbser;USB Modem Driver; C:\windows\system32\DRIVERS\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 Licensing Service; C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe [2007-09-24 566560]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [2011-05-20 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2011-05-20 80032]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2013-09-12 1337752]
R2 ezSharedSvc;Easybits Services for Windows; C:\windows\syswow64\ezSharedSvcHost.exe [2013-07-25 517632]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-20 325656]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-07-18 762192]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-12-10 1494304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-12-10 15129376]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-05-20 927520]
R2 OSDSvc;ChiconyOSDService; C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe [2010-12-01 176128]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-05-20 413128]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-12 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-05-30 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-19 119408]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2013-10-14 1255736]
S4 NetMsmqActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#10 Post by martafan »

I just ran scandisk (the Windows one) and it found no errors...

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#11 Post by Márty84 »

But they are there.
01 113 _90 __6 0000030E0FE0 Počet chyb čtení
07 _80 _60 _30 0000062FECE9 Počet chybných hledání
BB __1 __1 __0 0000000000B1 Ohlášeno neopravitelných chyb
BF 100 100 __0 00000000006A Počet udalostí zaznamenaných otřesovým senzorem
C3 113 _99 __0 0000030E0FE0 Počet oprav chybného čtení

We'll do one more scan and then start deleting.


Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop.
Right-click it and then left-click Run as administrator (Spustit jako spravce).
Tick the items (check the boxes) Scan All Users (Pro všechny uživatele), LOP Check (Kontrola na havěť "LOP") and Purity Check (Kontrola na havěť "Purity").
Paste the following text into the bottom box:

Code:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Click Run Scan (Prohledat).
After the scan, two logs are created (OTL.Txt and Extras.txt); paste both here (if they are long, split them across several posts).
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).
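
Added example, not part of post #11 and not output from any tool used in this thread: Python code that decodes the five disk attribute lines quoted in that post and flags the ones that stand out. The column order (ID, current, worst, threshold, raw value, name), the `RAW_COUNTERS` set and all function names are assumptions of this example; the page states none of them.

```python
import re

# The five attribute lines quoted in post #11, copied verbatim from the page.
# Assumed column order (the page does not state it): ID, current, worst,
# threshold, 12-hex-digit raw value, attribute name; "_" pads the decimals.
QUOTED_LINES = """\
01 113 _90 __6 0000030E0FE0 Počet chyb čtení
07 _80 _60 _30 0000062FECE9 Počet chybných hledání
BB __1 __1 __0 0000000000B1 Ohlášeno neopravitelných chyb
BF 100 100 __0 00000000006A Počet udalostí zaznamenaných otřesovým senzorem
C3 113 _99 __0 0000030E0FE0 Počet oprav chybného čtení
"""

LINE_RE = re.compile(
    r"^\s*(?P<id>[0-9A-Fa-f]{2})\s+"
    r"(?P<cur>_{0,2}[0-9]{1,3})\s+"
    r"(?P<worst>_{0,2}[0-9]{1,3})\s+"
    r"(?P<thr>_{0,2}[0-9]{1,3})\s+"
    r"(?P<raw>[0-9A-Fa-f]{12})\s+"
    r"(?P<name>.+?)\s*$"
)

# Assumption of this example: attributes whose raw value is conventionally a
# plain event counter, so any non-zero value deserves a look. Raw values of
# all other attributes are vendor-specific; they are decoded but not judged.
RAW_COUNTERS = {
    0x05: "Reallocated Sectors Count",
    0xBB: "Reported Uncorrectable Errors",
    0xBF: "G-Sense Error Rate",
    0xC5: "Current Pending Sector Count",
    0xC6: "Uncorrectable Sector Count",
}


def _num(field):
    """Decode a padded decimal column such as '_90' or '__6'."""
    return int(field.replace("_", ""))


def parse_line(line):
    """Return a dict for one attribute line, or None if it is not one."""
    m = LINE_RE.match(line)
    if m is None:
        return None  # header, blank line or unrelated text
    attr_id = int(m["id"], 16)
    cur, worst, thr = _num(m["cur"]), _num(m["worst"]), _num(m["thr"])
    raw = int(m["raw"], 16)

    flags = []
    # A threshold of 0 means no failure level is defined for the attribute,
    # so the normalized values cannot "breach" it.
    if thr > 0 and cur <= thr:
        flags.append("below_threshold_now")
    elif thr > 0 and worst <= thr:
        flags.append("below_threshold_in_past")
    if attr_id in RAW_COUNTERS and raw > 0:
        flags.append("raw_counter_nonzero")

    return {
        "id": attr_id,
        "current": cur,
        "worst": worst,
        "threshold": thr,
        "margin": cur - thr if thr > 0 else None,  # headroom above threshold
        "raw": raw,
        "name": m["name"],
        "flags": flags,
    }


def triage(text):
    """Parse every recognisable attribute line in a pasted block of text."""
    rows = []
    for line in text.splitlines():
        row = parse_line(line)
        if row is not None:
            rows.append(row)
    return rows


def flagged(text):
    """Return (hex ID, decoded raw value, flags) for lines that raised a flag."""
    return [
        (f"{r['id']:02X}", r["raw"], r["flags"])
        for r in triage(text)
        if r["flags"]
    ]


if __name__ == "__main__":
    for r in triage(QUOTED_LINES):
        print(f"{r['id']:02X} cur={r['current']:3d} worst={r['worst']:3d} "
              f"thr={r['threshold']:3d} raw={r['raw']:>10d} {r['flags']}")
```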

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#12 Post by martafan »

OTL logfile created on: 5.7.2014 13:52:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,90 Gb Total Physical Memory | 3,55 Gb Available Physical Memory | 60,22% Memory free
11,79 Gb Paging File | 9,12 Gb Available in Paging File | 77,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,63 Gb Total Space | 174,05 Gb Free Space | 24,91% Space Free | Partition Type: NTFS

Computer Name: VERUNKA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014.07.05 13:24:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2014.06.19 22:23:51 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014.05.20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.10 04:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013.12.10 04:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013.09.12 13:06:22 | 001,337,752 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2013.07.25 13:00:00 | 000,517,632 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2013.07.25 13:00:00 | 000,517,632 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2013.07.18 17:39:40 | 000,762,192 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.11.14 16:30:22 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\Genius\Maurus\mousehid.exe
PRC - [2011.05.20 12:16:10 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.04.01 17:08:30 | 000,660,480 | ---- | M] (DELL) -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe
PRC - [2011.01.12 19:17:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
PRC - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.12.01 15:07:46 | 000,176,128 | ---- | M] (Chicony) -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2007.09.24 19:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) -- C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe


========== Modules (No Company Name) ==========

MOD - [2014.05.20 04:44:03 | 000,012,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2011.11.14 16:30:22 | 000,300,544 | ---- | M] () -- C:\Program Files (x86)\Genius\Maurus\mousehid.exe
MOD - [2011.09.05 10:41:36 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Genius\Maurus\HidDevice.dll
MOD - [2011.01.12 19:17:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe


========== Services (SafeList) ==========

SRV:64bit: - [2014.05.30 11:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.12.10 04:20:28 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.09.12 13:06:22 | 001,337,752 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009.11.17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2014.06.19 17:40:30 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014.05.20 01:10:40 | 000,413,128 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.05.14 17:52:44 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.18 20:42:32 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.10 04:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.07.18 17:39:40 | 000,762,192 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.05.20 12:16:10 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.05.20 12:15:20 | 000,080,032 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010.12.20 18:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.20 18:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.01 15:07:46 | 000,176,128 | ---- | M] (Chicony) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe -- (OSDSvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.09.24 19:11:42 | 000,566,560 | ---- | M] (ABBYY (BIT Software)) [Auto | Running] -- C:\Program Files (x86)\ABBYY FineReader 9.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Professional.9.0)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014.05.20 04:44:03 | 000,301,512 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2014.05.20 04:44:03 | 000,032,544 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2014.01.22 09:52:12 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd)
DRV:64bit: - [2014.01.22 09:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014.01.22 09:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.12.05 10:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.10.28 02:04:33 | 000,381,440 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.10.02 04:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.09.17 16:17:38 | 000,239,320 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013.09.17 16:17:38 | 000,220,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013.09.17 16:17:38 | 000,168,256 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2013.09.17 16:17:38 | 000,062,136 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013.09.17 16:17:38 | 000,044,120 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.07.02 07:17:18 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.07.02 07:17:18 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.07.02 05:38:03 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb80236.sys -- (usbrndis6)
DRV:64bit: - [2013.07.02 01:45:21 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.02.01 13:10:18 | 004,333,568 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CM10864.sys -- (USBPNPA)
DRV:64bit: - [2013.01.23 10:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2013.01.23 10:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.03 20:55:18 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.07.19 21:39:58 | 012,287,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.20 12:15:34 | 000,282,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.05.20 12:15:34 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.05.20 12:15:34 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.05.20 12:15:34 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.05.20 12:15:34 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.05.20 12:15:34 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.05.20 12:15:32 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.05.20 12:15:32 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.05.13 00:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.04.21 21:17:10 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.02.10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.12.01 16:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.12.15 14:05:42 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.12.15 14:05:42 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.12.15 14:05:42 | 000,029,696 | ---- | M] (Huawei Tech. Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewdcsc.sys -- (Huawei)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 02:21:35 | 000,064,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthMtpEnum.sys -- (BthMtpEnum)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..\SearchScopes,DefaultScope = {69E29DA9-D413-4B33-BB01-04B81FE588DD}
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE11SR
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..\SearchScopes\{4C1F4D2D-9E95-45EF-9CD3-7D1E15A27152}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..\SearchScopes\{69E29DA9-D413-4B33-BB01-04B81FE588DD}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledAddons: %7B0545b830-f0aa-4d7e-8820-50a4629a56fe%7D:24.3
FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013.11.21 07:42:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.06.19 17:40:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013.11.21 07:42:44 | 000,000,000 | ---D | M]

[2013.10.14 11:30:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2014.07.03 16:18:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\extensions
[2014.06.14 19:00:10 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2014.07.03 16:18:05 | 000,281,800 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi
[2014.06.05 20:25:08 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\apprcmds.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.06.19 17:40:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.06.19 17:40:31 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.11.15 04:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Peněženka Google = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014.02.14 18:30:52 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [Cm108Sound] C:\windows\Syswow64\cm108.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Chicony_OSD] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe ()
O4 - HKLM..\Run: [Maurus] C:\Program Files (x86)\Genius\Maurus\mousehid.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001..\Run: [HP Deskjet 3510 series (NET)] C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001..\Run: [uTorrent] C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Martinek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor technologie Intel(R) Turbo Boost 2.0.lnk = File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor technologie Intel(R) Turbo Boost 2.0.lnk = File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB55B753-76BA-4990-A249-974CB3DEF118}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE4FA0B8-0AE7-4065-B0AE-CB69404437BA}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point


Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014.07.05 13:24:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014.07.04 16:07:04 | 000,000,000 | R--D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014.07.03 15:34:26 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wucltux.dll
[2014.07.03 15:34:26 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuauclt.exe
[2014.07.03 15:34:26 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups2.dll
[2014.07.03 15:34:16 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapi.dll
[2014.07.03 15:34:16 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapi.dll
[2014.07.03 15:34:16 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wudriver.dll
[2014.07.03 15:34:16 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wudriver.dll
[2014.07.03 15:34:16 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wups.dll
[2014.07.03 15:34:16 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wups.dll
[2014.07.03 15:34:00 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuwebv.dll
[2014.07.03 15:34:00 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuwebv.dll
[2014.07.03 15:34:00 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wuapp.exe
[2014.07.03 15:34:00 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wuapp.exe
[2014.07.03 13:53:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.07.03 08:24:06 | 000,536,576 | ---- | C] (SQLite Development Team) -- C:\windows\SysWow64\sqlite3.dll
[2014.07.03 08:23:41 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.07.02 20:36:44 | 000,000,000 | ---D | C] -- C:\rsit
[2014.06.28 01:45:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Poznámkové bloky aplikace OneNote
[2014.06.25 12:30:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Soubory aplikace Outlook
[2014.06.22 14:29:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\NVIDIA
[2014.06.21 17:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2014.06.21 17:41:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Diablo II
[2014.06.21 01:46:03 | 000,000,000 | ---D | C] -- C:\ProgramData\RELOADED
[2014.06.21 01:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II
[2014.06.21 01:41:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Torchlight II
[2014.06.19 17:40:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.06.10 19:24:07 | 000,592,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript9diag.dll
[2014.06.10 19:24:07 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2014.06.10 19:24:07 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieetwproxystub.dll
[2014.06.10 19:24:07 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\JavaScriptCollectionAgent.dll
[2014.06.10 19:24:06 | 001,964,544 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2014.06.10 19:24:06 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2014.06.10 19:24:06 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwproxystub.dll
[2014.06.10 19:24:06 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\JavaScriptCollectionAgent.dll
[2014.06.10 19:24:05 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2014.06.10 19:24:05 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2014.06.10 19:24:05 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2014.06.10 19:24:05 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollector.exe
[2014.06.10 19:24:05 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2014.06.10 19:24:05 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieetwcollectorres.dll
[2014.06.10 19:24:04 | 002,040,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2014.06.10 19:24:04 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2014.06.10 19:24:04 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2014.06.10 19:24:03 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2014.06.10 19:24:03 | 000,704,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2014.06.10 19:24:03 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2014.06.10 19:24:03 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2014.06.10 19:24:03 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2014.06.10 19:24:02 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2014.06.10 19:24:02 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2014.06.10 19:24:02 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2014.06.10 19:24:02 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2014.06.10 19:24:02 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2014.06.10 19:24:01 | 005,782,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2014.06.10 19:24:01 | 000,846,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2014.06.10 19:24:01 | 000,752,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9diag.dll
[2014.06.10 19:24:01 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2014.06.10 19:24:01 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2014.06.10 19:24:00 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2014.06.10 19:21:22 | 003,178,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\rdpcorets.dll
[2014.06.10 19:21:22 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RdpGroupPolicyExtension.dll
[2014.06.10 19:21:20 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2014.06.10 19:21:20 | 000,288,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS
[2014.06.10 19:21:19 | 000,801,792 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll
[2014.06.10 19:21:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml6r.dll
[2014.06.10 19:21:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml6r.dll
[2014.06.10 19:21:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msxml3r.dll
[2014.06.10 19:21:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msxml3r.dll
[2014.06.10 19:21:16 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014.06.10 19:21:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014.06.06 19:07:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Blizzard Entertainment
[2014.06.06 19:07:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Battle.net
[2014.06.06 19:07:40 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Battle.net
[2014.06.06 19:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2014.06.06 19:07:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2014.06.06 19:01:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net.temp
[2014.06.05 22:36:44 | 000,601,432 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvStreaming.exe
[2014.06.05 22:36:31 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\NV
[2014.06.05 22:36:31 | 000,000,000 | ---D | C] -- C:\windows\SysNative\NV
[2014.06.05 22:31:31 | 018,531,568 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvwgf2umx.dll
[2014.06.05 22:31:31 | 016,003,912 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvwgf2um.dll
[2014.06.05 22:31:30 | 031,387,936 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglv64.dll
[2014.06.05 22:31:30 | 025,256,224 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcompiler.dll
[2014.06.05 22:31:30 | 024,025,376 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglv32.dll
[2014.06.05 22:31:30 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcompiler.dll
[2014.06.05 22:31:30 | 017,480,432 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvd3dumx.dll
[2014.06.05 22:31:30 | 011,644,928 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuda.dll
[2014.06.05 22:31:30 | 011,599,072 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvopencl.dll
[2014.06.05 22:31:30 | 009,735,256 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuda.dll
[2014.06.05 22:31:30 | 009,697,640 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvopencl.dll
[2014.06.05 22:31:30 | 003,141,976 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvid.dll
[2014.06.05 22:31:30 | 002,953,672 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvid.dll
[2014.06.05 22:31:30 | 002,785,568 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvcuvenc.dll
[2014.06.05 22:31:30 | 002,412,376 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvcuvenc.dll
[2014.06.05 22:31:30 | 001,889,112 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispco6433788.dll
[2014.06.05 22:31:30 | 001,541,576 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvdispgenco6433788.dll
[2014.06.05 22:31:30 | 000,895,776 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvIFR64.dll
[2014.06.05 22:31:30 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\NvFBC64.dll
[2014.06.05 22:31:30 | 000,867,784 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvIFR.dll
[2014.06.05 22:31:30 | 000,861,128 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\NvFBC.dll
[2014.06.05 22:31:30 | 000,354,016 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvoglshim64.dll
[2014.06.05 22:31:30 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysWow64\nvoglshim32.dll
[2014.06.05 22:31:30 | 000,301,512 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvkflt.sys
[2014.06.05 22:31:30 | 000,166,568 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\nvinitx.dll
[2014.06.05 22:31:30 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- C:\windows\SysNative\drivers\nvpciflt.sys

========== Files - Modified Within 30 Days ==========

[2014.07.05 13:53:40 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014.07.05 13:51:00 | 000,000,914 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014.07.05 13:29:00 | 000,000,952 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bfc68f64773.job
[2014.07.05 13:24:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2014.07.05 12:59:00 | 000,000,962 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001UA1cf6b52a585a103.job
[2014.07.05 12:35:29 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.07.05 12:35:29 | 000,024,608 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.07.05 12:21:26 | 001,584,554 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014.07.05 12:21:26 | 000,669,116 | ---- | M] () -- C:\windows\SysNative\perfh005.dat
[2014.07.05 12:21:26 | 000,654,464 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014.07.05 12:21:26 | 000,141,744 | ---- | M] () -- C:\windows\SysNative\perfc005.dat
[2014.07.05 12:21:26 | 000,122,336 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014.07.05 12:20:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014.07.04 17:59:00 | 000,000,910 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001Core1cf4c47c02b066f.job
[2014.07.04 16:06:56 | 000,001,992 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 3510 series (Síť).lnk
[2014.07.04 16:06:53 | 000,000,948 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore1cf6aaf336911e0.job
[2014.07.04 16:06:25 | 453,640,191 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.03 08:22:25 | 001,346,519 | ---- | M] () -- C:\Users\Owner\Desktop\adwcleaner_3.214.exe
[2014.07.02 21:57:07 | 000,001,112 | ---- | M] () -- C:\Users\Owner\AppData\Local\MRDownloader.nast
[2014.06.28 01:45:02 | 000,001,161 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
[2014.06.21 18:01:25 | 000,001,136 | ---- | M] () -- C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
[2014.06.21 01:44:54 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Torchlight II.lnk
[2014.06.20 19:01:49 | 000,002,570 | ---- | M] () -- C:\windows\diagwrn.xml
[2014.06.20 19:01:49 | 000,001,908 | ---- | M] () -- C:\windows\diagerr.xml
[2014.06.13 08:57:28 | 000,002,337 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2014.06.08 11:13:05 | 000,506,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aepdu.dll
[2014.06.08 11:08:04 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\aeinv.dll
[2014.06.06 19:07:31 | 000,001,157 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk

========== Files Created - No Company Name ==========

[2014.07.05 13:27:41 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014.07.03 08:22:21 | 001,346,519 | ---- | C] () -- C:\Users\Owner\Desktop\adwcleaner_3.214.exe
[2014.06.28 01:45:02 | 000,001,161 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
[2014.06.21 17:55:55 | 000,001,136 | ---- | C] () -- C:\Users\Public\Desktop\Diablo II - Lord of Destruction.lnk
[2014.06.21 01:44:54 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Torchlight II.lnk
[2014.06.19 22:24:02 | 000,000,952 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bfc68f64773.job
[2014.06.06 19:07:31 | 000,001,157 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2014.05.16 19:26:08 | 000,001,112 | ---- | C] () -- C:\Users\Owner\AppData\Local\MRDownloader.nast
[2014.02.09 20:17:29 | 001,208,831 | ---- | C] () -- C:\windows\unins000.exe
[2014.02.09 20:17:29 | 000,030,458 | ---- | C] () -- C:\windows\unins000.dat
[2014.01.30 19:37:13 | 000,000,048 | -H-- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2014.01.11 00:09:17 | 000,143,360 | ---- | C] () -- C:\windows\Vmix108.dll
[2014.01.11 00:09:16 | 000,000,443 | ---- | C] () -- C:\windows\Cm108.ini.cfl
[2014.01.11 00:08:22 | 000,002,109 | ---- | C] () -- C:\windows\Cm108.ini.cfg
[2014.01.11 00:08:22 | 000,001,318 | ---- | C] () -- C:\windows\cm108.ini
[2014.01.11 00:08:22 | 000,000,997 | ---- | C] () -- C:\windows\Cm108.ini.imi
[2014.01.09 22:53:54 | 001,560,204 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.12.19 20:13:00 | 000,000,001 | ---- | C] () -- C:\windows\SysWow64\SI.bin
[2013.12.04 15:47:02 | 000,003,302 | ---- | C] () -- C:\Users\Owner\AppData\Local\SRDownloader.err
[2013.10.28 11:28:53 | 000,001,160 | ---- | C] () -- C:\Users\Owner\AppData\Local\SRDownloader.nast
[2013.10.14 12:46:37 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013.10.09 17:14:53 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2013.10.09 17:14:51 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2013.10.09 17:14:49 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2013.10.09 17:14:47 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2013.10.09 17:14:44 | 013,903,872 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2013.07.02 00:33:48 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2013.04.18 20:07:00 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013.04.18 20:06:46 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013.04.18 20:06:46 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013.04.18 20:06:46 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013.04.18 20:06:46 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:34:55 | 014,179,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:18:50 | 012,877,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.03.01 09:28:10 | 000,000,000 | ---D | M] -- C:\Users\Martinek\AppData\Roaming\KYE 7Key
[2014.06.06 19:09:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Battle.net
[2014.05.16 21:00:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BSplayer PRO
[2014.01.12 01:41:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\driveridentifier
[2013.10.24 14:22:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ESET
[2014.01.12 13:12:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GHISLER
[2014.02.09 20:17:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\KYE 7Key
[2013.11.07 19:52:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nokia
[2014.01.12 04:51:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PC Suite
[2014.01.12 00:41:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PCDr
[2014.01.12 20:01:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Samsung
[2014.02.12 22:51:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Seznam.cz
[2013.10.29 15:40:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Telefónica Móviles
[2014.07.05 13:50:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2014.02.03 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\_MDLogs

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,031,308 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2014.02.21 19:51:48 | 000,000,914 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
[2014.03.30 20:42:06 | 000,000,910 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001Core1cf4c47c02b066f.job
[2014.05.08 13:18:13 | 000,000,948 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6aaf336911e0.job
[2014.05.09 08:48:12 | 000,000,962 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001UA1cf6b52a585a103.job
[2014.06.19 22:24:02 | 000,000,952 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf8bfc68f64773.job

< >

< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_835126aa75fcce4e\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17836_none_18255918d55ec5c0\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.21988_none_187ae6dbeea323ed\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_228378fc3ac93a79\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17954_none_3b32f5713849bd3d\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22113_none_3be6a9c45148072e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2013.07.02 03:47:12 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=829F20D41E7915CB2B2477989241DAAF -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.22077_none_be1afd46d3b2b2b7\cdrom.sys
[2013.07.02 03:47:12 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=E5F4FD3D59B9141560D4174AAE6E66E0 -- C:\windows\SysNative\drivers\cdrom.sys
[2013.07.02 03:47:12 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=E5F4FD3D59B9141560D4174AAE6E66E0 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_b2c31ccd2fdae3cc\cdrom.sys
[2013.07.02 03:47:12 | 000,148,992 | ---- | M] (Microsoft Corporation) MD5=E5F4FD3D59B9141560D4174AAE6E66E0 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17920_none_bdc097d5ba729fbc\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2010.11.21 05:24:16 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=15597883FBE9B056F276ADA3AD87D9AF -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[2013.07.02 05:39:42 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=33ADF6E0853AB39EA1723BE82842C1D3 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[2013.07.02 05:47:17 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=3897DFF247D9ED0006190349DE264E14 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[2013.07.09 16:47:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=434CCE8E7150CD1324C5FAA088D1D061 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\windows\SysNative\cryptsvc.dll
[2013.10.05 04:25:30 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=509D31797A4B8A3D6ED78A330B19A919 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=6B400F211BEE880A37A1ED0368776BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[2013.07.09 15:57:37 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=6DB499DEFCC827317C5371164A7CDB27 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) MD5=7CA1BECEA5DE2643ADDAD32670E7A4C9 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[2013.07.02 05:39:43 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=7FDC4626B01106A8EF328C88C7C0DEE3 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[2013.07.02 05:47:17 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=8122252F0A4ACFA92FA0C1D50D18493B -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[2010.11.21 05:24:32 | 000,136,192 | ---- | M] (Microsoft Corporation) MD5=A585BEBF7D054BD9618EDA0922D5484A -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
[2013.07.02 05:47:17 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=AC04D05309BB2C418D0D80B9FB014642 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[2013.07.02 02:07:29 | 000,139,264 | ---- | M] (Microsoft Corporation) MD5=AF845984B344FE45B104412B3EBF47CA -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21945_none_7871365312466b5d\cryptsvc.dll
[2013.07.02 02:07:29 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=B2C3EA1E8CF7C9FE00FCF10700B04B46 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.21945_none_d48fd1d6caa3dc93\cryptsvc.dll
[2013.07.02 05:39:43 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=CA13C4F92BEE66DB48E58AB3223DDF6E -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[2013.07.02 05:47:17 | 000,184,320 | ---- | M] (Microsoft Corporation) MD5=D8129C49798CBBFB2E4351D4B7B8EF9C -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[2013.07.02 05:39:42 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=E122AA1C9A3CC46FF9DDDE46E5EB0C58 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.10.05 03:52:03 | 000,142,848 | ---- | M] (Microsoft Corporation) MD5=F2D9242C3BBD1C36467FCAE1AE01733F -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2013.07.02 03:58:51 | 002,871,296 | ---- | M] (Microsoft Corporation) MD5=70D758D2DBE79757421017EE68143763 -- C:\Windows\explorer.exe
[2013.07.02 03:58:51 | 002,871,296 | ---- | M] (Microsoft Corporation) MD5=70D758D2DBE79757421017EE68143763 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.22083_none_b0177762a9b36dc1\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2013.07.02 03:58:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=B0846DB5BDAB92131529A58E627FCEB7 -- C:\Windows\SysWOW64\explorer.exe
[2013.07.02 03:58:52 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=B0846DB5BDAB92131529A58E627FCEB7 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.22083_none_ba6c21b4de142fbc\explorer.exe

martafan
Visitor
Posts: 34
Joined: 12 Feb 2014 19:44

Re: Please check my log

#13 Post by martafan »

Part 2 of OTC

< MD5 for: HAL.DLL >
[2013.07.02 01:33:26 | 000,263,024 | ---- | M] (Microsoft Corporation) MD5=9E6A4D0A36BAEE7199229660049D693D -- C:\windows\SysNative\hal.dll
[2013.07.02 01:33:26 | 000,263,024 | ---- | M] (Microsoft Corporation) MD5=9E6A4D0A36BAEE7199229660049D693D -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.21855_none_09ae59448986e4c9\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: IASTORV.SYS >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2013.07.02 07:17:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2013.07.02 07:17:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\drivers\iaStorV.sys
[2013.07.02 07:17:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2013.07.02 07:17:18 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\drivers\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_835126aa75fcce4e\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17836_none_18255918d55ec5c0\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.21988_none_187ae6dbeea323ed\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[2014.04.12 04:19:05 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=204F3F58212B3E422C90BD9691A2DF28 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18443_none_044f07757384196d\lsass.exe
[2013.07.02 06:04:04 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=34C24593933C22EE403E569FD58618A6 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22276_none_04bb2fa88cb7619a\lsass.exe
[2013.09.25 03:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=4D71227301DD8D09097B9E4CC6527E5A -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.18270_none_042b9307739f26ed\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\windows\SysNative\lsass.exe
[2014.04.12 04:31:33 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=6598EBC4D209318EBD81F76833ECBEDB -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22653_none_04cdd63a8ca9d24f\lsass.exe
[2012.08.24 19:43:36 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=77119F1F9B492B260030C34F9BE327FA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22099_none_04a88ce28cc4eb33\lsass.exe
[2013.07.02 04:20:02 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=9E3E3E092B01D89A742FF65549929BF4 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22119_none_04ff0e288c8408d2\lsass.exe
[2011.11.17 08:33:55 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=C118A82CD78818C29AB228366EBF81C3 -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17940_none_044c26dd7386a58a\lsass.exe
[2013.09.25 03:08:17 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=F021DAFB1F87616FCEBA159C2ED7042F -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.22465_none_04c503168cb026a0\lsass.exe

< MD5 for: NDIS.SYS >
[2013.07.02 03:37:59 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=37060C2BFFFBF8235AB8021D33807AEC -- C:\windows\SysNative\drivers\ndis.sys
[2013.07.02 03:37:59 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=37060C2BFFFBF8235AB8021D33807AEC -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17956_none_05c3f9b232cd2e67\ndis.sys
[2013.07.02 03:37:59 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5C1C79E4AC2D8D6FA77F503ADFD0A5BE -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22114_none_0676adbb4bcc5f01\ndis.sys
[2013.07.02 03:19:00 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=5E74508FCB5820B29EEAFE24E6035BCF -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.22097_none_06232d534c0a8d67\ndis.sys
[2013.07.02 03:19:00 | 000,950,128 | ---- | M] (Microsoft Corporation) MD5=760E38053BF56E501D562B70AD796B88 -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17939_none_05dc9a6832ba428a\ndis.sys
[2010.11.21 05:23:55 | 000,951,680 | ---- | M] (Microsoft Corporation) MD5=79B47FD40D9A817E932F9D26FAC0A81C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys

< MD5 for: NETLOGON.DLL >
[2013.07.02 02:14:11 | 000,695,296 | ---- | M] (Microsoft Corporation) MD5=3B636D8B071977F5625435DA5E1302C8 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.21934_none_5c51bf5767c741b9\netlogon.dll
[2013.07.02 02:14:11 | 000,564,224 | ---- | M] (Microsoft Corporation) MD5=5080BF3DF882FFF96ABE5AEC684C6ABA -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.21934_none_66a669a99c2803b4\netlogon.dll
[2013.07.02 06:12:23 | 000,699,904 | ---- | M] (Microsoft Corporation) MD5=76B98F4D0B9C9EB1A9EC47726EFA2652 -- C:\windows\SysNative\netlogon.dll
[2013.07.02 06:12:23 | 000,699,904 | ---- | M] (Microsoft Corporation) MD5=76B98F4D0B9C9EB1A9EC47726EFA2652 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.22289_none_5c208d1b67eb79b1\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2013.07.02 06:12:23 | 000,567,296 | ---- | M] (Microsoft Corporation) MD5=E1986010A4D5EABD58FC46907E9E0693 -- C:\Windows\SysWOW64\netlogon.dll
[2013.07.02 06:12:23 | 000,567,296 | ---- | M] (Microsoft Corporation) MD5=E1986010A4D5EABD58FC46907E9E0693 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.22289_none_6675376d9c4c3bac\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013.07.02 07:17:18 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\drivers\nvraid.sys
[2013.07.02 07:17:18 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvraid.sys
[2013.07.02 07:17:18 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=0A92CB65770442ED0DC44834632F66AD -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvraid.sys
[2010.11.21 05:23:47 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=5D9FD91F3D38DC9DA01E3CB5FA89CD48 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvraid.sys
[2013.07.02 07:17:18 | 000,148,352 | ---- | M] (NVIDIA Corporation) MD5=666CA16F17914C1CD3616CF16DE0A6EA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013.07.02 07:17:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2013.07.02 07:17:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\drivers\nvstor.sys
[2013.07.02 07:17:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2013.07.02 07:17:18 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013.07.02 00:46:11 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=19E15945ED042BA1DF794AEEA1976B0B -- C:\Windows\SysWOW64\scecli.dll
[2013.07.02 00:46:11 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=19E15945ED042BA1DF794AEEA1976B0B -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.21864_none_a0dc23183d61e11b\scecli.dll
[2013.07.02 00:46:11 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=36505BDC60046806B60F1032A28E9A10 -- C:\windows\SysNative\scecli.dll
[2013.07.02 00:46:11 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=36505BDC60046806B60F1032A28E9A10 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.21864_none_968778c609011f20\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\windows\SysNative\smss.exe
[2014.04.12 04:31:44 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=3442A918386D4716D74C661543151746 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22653_none_0abdf375491039d3\smss.exe
[2013.08.29 03:04:30 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=B2B31D4C79EFD883097FA24D02E79C12 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22436_none_0ad6905f48fd53a8\smss.exe
[2013.08.02 07:06:34 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CB5DA3E44456D1084BCD87F5B1B3152B -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22411_none_0ae72ec548f19d13\smss.exe
[2013.07.02 06:50:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=CBCFCF064962B4571BBEC300056012C2 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.22318_none_0aee2ee548eb514d\smss.exe
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0371DE302FFFF8F086661611BE60848 -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18113_none_0a5f8ec22fd235a9\smss.exe
[2013.08.02 02:59:09 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=F0970A4BC8395659C22BF53D0FADF16F -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7601.18229_none_0a5ac2782fd4e6cb\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2013.07.02 04:02:47 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2013.07.01 23:57:09 | 001,928,064 | ---- | M] (Microsoft Corporation) MD5=4A68EA6B21FB6316E01457DE1A678AA9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21645_none_11ae4512963ad82b\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.07.02 07:05:25 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=6B46A5C14832DE7B10359E8BE49C042B -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18176_none_11051a6d7d34ca90\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.07.02 00:23:38 | 001,901,400 | ---- | M] (Microsoft Corporation) MD5=77EBDE4B7E3D4A578A2ECA79BA29355A -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22215_none_11ce96769622a95d\tcpip.sys
[2013.07.02 04:52:39 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=A9F2951A642B2B2DF0238965BCD6EB7F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22197_none_117a15c49661be6c\tcpip.sys
[2013.07.06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.07.02 04:02:47 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.07.06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2013.07.02 07:05:25 | 001,900,904 | ---- | M] (Microsoft Corporation) MD5=EE6B008FA8094F1F25302BB93FA5E0C6 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22348_none_11b129769638465c\tcpip.sys
[2013.11.26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2013.07.02 02:15:13 | 000,391,680 | ---- | M] (Microsoft Corporation) MD5=13CD6BA1F798A61AEE985E78D3644A1E -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.21980_none_ce22f86704eafbb0\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\windows\SysNative\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< MD5 for: WS2_32.DLL >
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\windows\SysNative\ws2_32.dll
[2010.11.21 05:24:28 | 000,297,984 | ---- | M] (Microsoft Corporation) MD5=4BBFA57F594F7E8A8EDC8F377184C3F0 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\SysWOW64\ws2_32.dll
[2010.11.21 05:23:55 | 000,206,848 | ---- | M] (Microsoft Corporation) MD5=7FF15A4F092CD4A96055BA69F903E3E9 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[2 C:\windows\Panther\*.tmp files -> C:\windows\Panther\*.tmp -> ]
[1 C:\windows\System32\catroot\*.tmp files -> C:\windows\System32\catroot\*.tmp -> ]
[994 C:\windows\temp\*.tmp files -> C:\windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014.04.28 15:10:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ABBYY
[2013.10.11 17:10:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Adobe
[2014.01.12 21:41:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Apple Computer
[2014.06.06 19:09:37 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Battle.net
[2014.05.16 21:00:58 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BSplayer PRO
[2014.01.12 00:47:19 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Dell
[2014.01.12 01:41:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\driveridentifier
[2013.10.24 14:22:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ESET
[2014.01.12 13:12:35 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GHISLER
[2013.10.23 16:41:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\HpUpdate
[2013.10.11 16:50:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Identities
[2014.02.09 20:17:31 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\KYE 7Key
[2013.10.14 14:15:38 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Macromedia
[2010.11.21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2014.01.12 14:12:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Media Player Classic
[2014.06.28 01:45:05 | 000,000,000 | --SD | M] -- C:\Users\Owner\AppData\Roaming\Microsoft
[2013.10.14 11:30:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2014.06.28 03:38:44 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nero
[2013.11.07 19:52:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nokia
[2014.06.22 14:29:40 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NVIDIA
[2014.01.12 04:51:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PC Suite
[2014.01.12 00:41:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PCDr
[2014.01.12 20:01:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Samsung
[2014.02.12 22:51:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Seznam.cz
[2013.10.29 15:40:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Telefónica Móviles
[2014.07.05 13:50:54 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2014.02.03 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\_MDLogs

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\BSplayer PRO\Haali media splitter\uninstall.exe
[2013.10.06 10:00:00 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Owner\AppData\Roaming\uTorrent\utorrent.exe
[2013.10.06 10:00:00 | 001,141,328 | ---- | M] (BitTorrent Inc.) -- C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.3.2_30180.exe
[2014.04.30 10:00:25 | 001,270,352 | ---- | M] (BitTorrent Inc.) -- C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.1_30888.exe
[2014.06.21 20:07:20 | 001,271,376 | ---- | M] (BitTorrent Inc.) -- C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.1_31395.exe
[2014.07.02 18:24:22 | 001,322,832 | ---- | M] (BitTorrent Inc.) -- C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014.07.04 16:08:44 | 000,000,018 | ---- | M] () -- C:\windows\system32\log.txt

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"HP Deskjet 3510 series (NET)" = "C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN33B1NG3805TY:NW" -scfn "HP Deskjet 3510 series (NET)" -AutoStart 1 -- [2012.10.17 04:29:50 | 002,573,416 | ---- | M] (Hewlett-Packard Co.)
"Google Update" = "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c -- [2013.12.05 22:38:04 | 000,116,648 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Users\Owner\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe" /MINIMIZED -- [2014.07.02 18:24:22 | 001,322,832 | ---- | M] (BitTorrent Inc.)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014.07.05 13:53:40 | 000,000,512 | ---- | M] () MD5=08862B195FAB0E8491CEE61000844C67 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2012.02.02 06:55:58 | 000,009,555 | ---- | M] () -- \Program Files (x86)\Alawarhry.cz\Fishdom 3 Collectors Edition\Base.orig\Textures\Match3\Chips\Firecracker.xml
[2007.10.10 16:34:00 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_1
[2007.10.10 16:34:00 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_2
[2007.10.10 16:34:02 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_3
[2007.10.10 16:34:02 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack3x2_4
[2007.10.10 16:34:02 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_1
[2007.10.10 16:34:00 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_2
[2007.10.10 16:34:00 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_3
[2007.10.10 16:34:02 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack5x3_4
[2007.10.10 16:33:58 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x2_1
[2007.10.10 16:33:58 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x4_1
[2007.10.10 16:34:00 | 000,017,493 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Lava\Lavacracks\Lavacrack7x5_1
[2007.10.10 16:33:32 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce01
[2007.10.10 16:33:34 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce02
[2007.10.10 16:33:32 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce03
[2007.10.10 16:33:34 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce04
[2007.10.10 16:33:32 | 000,017,494 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedSpruce05
[2007.10.10 16:33:32 | 000,017,490 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapObjectLink\MapObjects\_(AdvMapObjectLink)\Objects-Snow\Trees\CrackedTree
[2007.06.13 16:10:44 | 000,017,491 | ---- | M] () -- \Program Files (x86)\Ubisoft\Heroes of Might and Magic V - Tribes of the East\Editor\IconCache\AdvMapTile\MapObjects\_(AdvMapTile)\Sand\Sand_Cracked
[2013.10.28 09:33:15 | 000,006,975 | ---- | M] () -- \Users\Owner\AppData\Roaming\uTorrent\CCleaner 4.05.4250 With Business + Professional crack.torrent

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2014.01.30 19:29:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_rounded\loader.gif.vir
[2014.01.30 19:29:59 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\dark_square\loader.gif.vir
[2014.01.30 19:29:59 | 000,006,331 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\default\loader.gif.vir
[2014.01.30 19:30:00 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\facebook\loader.gif.vir
[2014.01.30 19:30:00 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_rounded\loader.gif.vir
[2014.01.30 19:30:00 | 000,002,545 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\prettyPhoto\light_square\loader.gif.vir
[2013.12.10 04:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce335.23Driver\ExtensionLoader.dll
[2014.02.05 11:31:23 | 001,169,184 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce335.23Driver\GFExperience\ExtensionLoader.dll
[2013.12.10 04:15:46 | 001,168,672 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce337.88Driver\ExtensionLoader.dll
[2014.04.30 20:27:31 | 001,168,216 | ---- | M] () -- \NVIDIA\DisplayDriver\GeForce337.88Driver\GFExperience\ExtensionLoader.dll
[2014.01.23 17:05:00 | 000,268,440 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 02:43:22 | 000,019,080 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012.09.25 04:39:16 | 000,112,128 | ---- | M] () -- \Program Files (x86)\Common Files\Nokia\Tss\ProductApiLoader\ta_productapiloader.dll
[2009.10.06 06:08:30 | 000,145,082 | ---- | M] () -- \Program Files (x86)\HP\HP Deskjet 3510 series\bin\HelpViewer\Resources\Loader.gif
[2013.12.10 04:15:46 | 001,168,672 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2013.12.20 01:37:56 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2013.12.20 01:37:56 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2013.12.20 01:37:44 | 000,073,536 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2013.12.20 01:37:44 | 000,080,704 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.12.11 11:47:24 | 000,069,120 | ---- | M] () -- \Program Files (x86)\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.dll
[2014.01.23 17:05:00 | 000,364,184 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2013.05.09 02:43:22 | 000,019,080 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2013.12.10 04:15:46 | 001,168,672 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.GFExperience.{169FAFC6-CA10-4BC5-9EF9-393992930E10}\ExtensionLoader.dll
[2013.09.29 12:01:24 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013.09.29 12:01:24 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2014.07.02 21:57:07 | 000,001,112 | ---- | M] () -- \Users\Owner\AppData\Local\MRDownloader.nast
[2014.05.16 19:26:12 | 000,003,302 | ---- | M] () -- \Users\Owner\AppData\Local\SRDownloader.err
[2014.05.16 19:26:14 | 000,001,160 | ---- | M] () -- \Users\Owner\AppData\Local\SRDownloader.nast
[2014.07.05 13:17:52 | 000,007,000 | ---- | M] () -- \Users\Owner\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8LCZMFW9\farmerama-171.level3.bpcdn.net\swf\mlf.swf\farmerama_assets_localization_xml_cs_mlfloadertipxml.sol
[2014.05.16 19:24:34 | 000,911,360 | ---- | M] () -- \Users\Owner\Desktop\MRDownloader.exe
[2013.10.28 11:27:27 | 000,905,728 | ---- | M] () -- \Users\Owner\Desktop\SRDownloader.exe
[2014.02.12 16:12:32 | 000,019,968 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\7b634512d96acf4fc078de3940790d0b\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014.02.12 16:12:32 | 000,000,796 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\7b634512d96acf4fc078de3940790d0b\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2012.10.01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 21:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2012.10.01 21:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.05.09 02:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4569\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.05.09 02:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4569\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014.01.30 21:39:30 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2014.04.12 04:03:37 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2014.03.11 09:24:20 | 000,012,532 | ---- | M] () -- \Windows\System32\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2014.03.11 12:52:32 | 000,009,622 | ---- | M] () -- \Windows\System32\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2014.04.12 04:03:37 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2014.03.11 09:24:20 | 000,012,532 | ---- | M] () -- \Windows\SysWOW64\Adobe\Shockwave 12\shockwave_Projector_Loader.dcr
[2014.03.11 12:52:32 | 000,009,622 | ---- | M] () -- \Windows\SysWOW64\Macromed\Shockwave 10\shockwave_Projector_Loader.dcr
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 01:06:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 04:57:14 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 03:28:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 01:06:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21855_none_69375696abaca0b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 03:28:04 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 04:29:06 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22178_none_6924938aabba5227\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 04:57:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.10.09 12:46:38 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2013.10.09 12:46:38 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2013.10.09 12:46:38 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2013.10.09 12:46:38 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2013.10.09 12:46:38 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.07.02 01:02:01 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21985_none_b98bb2f49c9bdeb6.manifest
[2013.07.02 01:02:02 | 000,643,440 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21985_none_b98bb2f49c9bdeb6_winload.efi_75834aa0
[2013.07.02 01:02:02 | 000,605,536 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21985_none_b98bb2f49c9bdeb6_winload.exe_75835076
[2013.07.02 01:02:02 | 000,567,728 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21985_none_b98bb2f49c9bdeb6_winresume.efi_85cd069f
[2013.07.02 01:02:03 | 000,519,680 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21985_none_b98bb2f49c9bdeb6_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009.07.13 20:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2013.07.02 00:12:32 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.07.02 01:01:58 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17832_none_b93524e783586732.manifest
[2013.07.02 00:12:32 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2013.07.02 00:19:25 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21675_none_b9967d2e9c93cb50.manifest
[2013.07.02 01:01:58 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21985_none_b98bb2f49c9bdeb6.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_cs-cz_9fafda64680afbaf.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_da-dk_3ce9ba8b5e50f7ae.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_el-gr_e2ab7d5a4f3cb4d6.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_fi-fi_81ec875144463bdc.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_hu-hu_ccf978eb265e2f30.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_ko-kr_b5404aabfebc1e83.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_nb-no_9dd2cbe0d6e14a3f.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_pl-pl_e24e71a0bd2fc1c8.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_pt-br_e4a25c44bbb955ac.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_pt-pt_e5842bb0bb28c588.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_ru-ru_2c273d74a00a53b4.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_sv-se_c82227e997335e0f.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_tr-tr_712f723085ef6000.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_zh-cn_428c902e3627321f.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_zh-hk_413788bc3702a4af.manifest
[2013.07.02 00:19:25 | 000,004,434 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.21765_zh-tw_4688cd8433980e8f.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 01:06:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 04:57:14 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 03:28:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 01:06:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21855_none_0d18bb12f34f2f7a\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 03:28:05 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 04:29:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22178_none_0d05f806f35ce0f1\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.07.02 04:57:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014.02.13 23:57:42 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.12 11:44:24 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2014.03.04 19:21:37 | 000,196,432 | ---- | M] () -- \Program Files (x86)\Nero\KM\SerialHelper.exe
[2013.12.10 15:17:56 | 000,196,432 | ---- | M] () -- \Program Files (x86)\Nero\KM\serialhelper.exe.bak
[2013.11.08 14:00:34 | 000,248,144 | ---- | M] () -- \Program Files (x86)\Nero\Nero Blu-ray Player\boost_serialization-mt.dll
[2013.11.08 14:00:34 | 000,167,760 | ---- | M] () -- \Program Files (x86)\Nero\Nero Blu-ray Player\boost_wserialization-mt.dll
[2013.07.02 04:15:19 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.04 18:53:40 | 000,090,112 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014.04.15 13:11:02 | 000,167,616 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2014.04.15 13:11:02 | 000,210,112 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2014.02.14 00:30:04 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.dll
[2014.03.12 11:44:48 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30214.0\System.Runtime.Serialization.ni.dll
[2013.11.30 09:13:00 | 000,003,532 | ---- | M] () -- \Program Files\My Dell\pcdrserialport.p5m
[2014.01.31 22:56:36 | 000,090,872 | ---- | M] () -- \Program Files\My Dell\pcdrserialport.p5x
[2013.11.30 09:13:00 | 000,001,413 | ---- | M] () -- \Program Files\My Dell\images\icons\png\24_24\serial_port.png
[2013.11.30 09:13:00 | 000,000,833 | ---- | M] () -- \Program Files\My Dell\images\img16_16\serialport.png
[2013.11.30 09:13:00 | 000,001,413 | ---- | M] () -- \Program Files\My Dell\images\img24_24\serialport.png
[2013.11.30 09:13:00 | 000,002,178 | ---- | M] () -- \Program Files\My Dell\images\img32_32\serialport.png
[2013.11.30 09:13:00 | 000,004,055 | ---- | M] () -- \Program Files\My Dell\images\img48_48\serialport.png
[2013.11.30 09:13:00 | 000,006,298 | ---- | M] () -- \Program Files\My Dell\images\img64_64\serialport.png
[2013.07.02 04:15:16 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2010.11.04 18:54:44 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2013.10.28 01:25:00 | 000,013,216 | ---- | M] () -- \Users\Owner\AppData\Roaming\uTorrent\Everest Ultimate Edition 5.50.2100 + Serial.torrent
[2009.06.10 15:10:20 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2013.07.02 04:15:18 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014.02.12 16:19:35 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\529e966eafd01bb7daa9119ce0e706dd\System.Runtime.Serialization.ni.dll
[2014.02.12 15:47:39 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\91909da018aff1641091f4e0e9827219\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 15:49:53 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\78264536550b135d51d0ffc9e7628190\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 16:07:09 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\ca7a2f7c5b60c5e134c3f5822cb881fb\System.Runtime.Serialization.ni.dll
[2014.02.12 15:37:34 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 15:37:34 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.12 15:37:45 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014.02.12 15:37:45 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014.02.12 16:24:04 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014.02.12 16:24:04 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014.02.12 16:14:17 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014.02.12 16:14:17 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014.02.12 16:15:43 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014.02.12 16:15:43 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014.02.12 16:18:07 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014.02.12 16:18:07 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2012.10.01 21:36:32 | 000,166,864 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\AS_Client_BackEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2012.10.01 21:36:32 | 000,209,360 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\AS_Client_Common_FrontEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2014.01.23 17:05:10 | 000,167,616 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4569\AS_Client_BackEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2014.01.23 17:05:12 | 000,210,112 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4569\AS_Client_Common_FrontEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.04 18:53:34 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.07.02 04:15:18 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 23:33:38 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 23:33:38 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2010.11.04 18:54:40 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013.07.02 04:15:16 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 001,052,320 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013.09.11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013.09.11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013.09.11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013.09.11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013.09.11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013.09.11 21:32:16 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013.09.11 21:32:16 | 000,113,864 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013.07.02 05:42:25 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_a50973feff546283\serial.sys
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2010.11.04 18:54:40 | 000,011,776 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_1e527062c1f59d5f\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2009.07.13 19:58:44 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23\serialui.dll.mui
[2009.07.14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2010.11.04 18:54:44 | 000,090,112 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_bb9a1800691e639c\System.RunTime.Serialization.Resources.dll
[2009.07.13 20:07:20 | 000,009,728 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_20ab142d65ed6acc\serial.sys.mui
[2009.07.14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2013.07.02 05:42:25 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7601.22307_none_5755073be810c07e\serial.sys
[2009.06.10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2013.07.02 04:15:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2013.07.02 01:51:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.21956_none_424eec4a8e87f0b9\System.Runtime.Serialization.dll
[2013.07.02 04:15:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2010.11.21 05:24:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2013.07.02 04:15:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2013.07.02 01:51:53 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.21956_none_7d25f914e27feb52\System.Runtime.Serialization.dll
[2013.07.02 04:15:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2013.07.02 00:12:41 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.07.02 00:12:41 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2013.10.09 12:46:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_aa5fd338fd5bcb23_serialui.dll.mui_7d29d2a3
[2009.07.14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2013.10.09 12:46:38 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed_serialui.dll.mui_7d29d2a3
[2009.07.14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009.07.14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2013.07.02 00:12:32 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2013.07.02 00:12:32 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009.07.14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010.11.21 05:17:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2013.07.02 04:15:11 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2013.07.02 01:51:50 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.21956_none_424eec4a8e87f0b9.manifest
[2013.07.02 04:15:11 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2010.11.21 05:17:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2013.07.02 04:15:11 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2013.07.02 01:51:50 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.21956_none_7d25f914e27feb52.manifest
[2013.07.02 04:15:11 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2010.11.21 05:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2013.07.02 04:15:11 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2013.07.02 01:51:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.21956_none_8fb54e848e7e78e3.manifest
[2013.07.02 04:15:11 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2009.07.13 20:17:48 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0.manifest
[2012.10.05 22:12:17 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f.manifest
[2012.10.05 21:59:28 | 000,001,626 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797.manifest
[2010.11.21 05:17:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2013.07.02 04:15:11 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2013.07.02 01:51:50 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.21956_none_bff8841eb6257a16.manifest
[2013.07.02 04:15:11 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2010.11.21 05:18:20 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2013.07.02 04:15:11 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2013.07.02 01:51:50 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.21956_none_c4d32febf6fc1458.manifest
[2013.07.02 04:15:11 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2009.06.10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2009.06.10 15:10:20 | 000,011,776 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.1.7600.16385_cs-cz_d5c3552dd9b47144\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2013.07.02 04:15:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2013.07.02 01:51:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.21956_none_8fb54e848e7e78e3\System.Runtime.Serialization.dll
[2013.07.02 04:15:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2009.06.08 11:39:36 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_cs-cz_34555b4d83cf58b0\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:02:06 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_cs-cz_342f3c238422529f\System.RunTime.Serialization.Resources.dll
[2010.11.13 04:37:37 | 000,090,112 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_cs-cz_1d5d97659dcd4797\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:24:53 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2013.07.02 04:15:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2013.07.02 01:51:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.21956_none_bff8841eb6257a16\System.Runtime.Serialization.dll
[2013.07.02 04:15:18 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2010.11.04 18:53:34 | 000,011,776 | ---- | M] () -- \Windows\winsxs\wow64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_28a71ab4f6565f5a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2009.07.13 19:38:14 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_4e4137b544fe59ed\serialui.dll.mui
[2009.07.14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010.11.04 18:53:40 | 000,090,112 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.1.7601.17514_cs-cz_5f7b7c7cb0c0f266\System.RunTime.Serialization.Resources.dll
[2010.11.21 05:25:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2013.07.02 04:15:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2013.07.02 01:51:54 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.21956_none_c4d32febf6fc1458\System.Runtime.Serialization.dll
[2013.07.02 04:15:19 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

martafan
Visitor
Posts: 34
Registered: 12 Feb 2014 19:44

Re: Request for a log check

#14 Post by martafan »

Extras

OTL Extras logfile created on: 5.7.2014 13:52:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Owner\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,90 Gb Total Physical Memory | 3,55 Gb Available Physical Memory | 60,22% Memory free
11,79 Gb Paging File | 9,12 Gb Available in Paging File | 77,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 698,63 Gb Total Space | 174,05 Gb Free Space | 24,91% Space Free | Partition Type: NTFS

Computer Name: VERUNKA | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3128138035-3014723401-4134321253-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08428990-79B8-41CD-A94B-A7A8D97B5E5E}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{123FC9E9-8160-4C78-8DFE-11348DF40315}" = lport=2869 | protocol=6 | dir=in | app=system |
"{23602148-3437-4533-81DB-AD76CF08295B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{23DDAB42-BE15-491F-BAA3-97B8862D0780}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{375243F0-B771-4082-BF13-1E4F4A243D39}" = lport=137 | protocol=17 | dir=in | app=system |
"{3972F1F7-36DC-4903-B1A3-E14F7A1BD781}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{3F541F80-D944-4636-9A6C-9CBF89E58F20}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4818F9C1-A015-4FC9-B50E-08E5CA87440A}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{4CF97BD2-3FCC-4AEE-9D62-E11808CE219A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4D04A1CF-FFB7-4F18-87A0-308A50FEAAA1}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{580FC0FE-2D2E-4DB6-B643-87C1A744038D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58E6975E-98F9-427C-B8D7-0AD9EA3F9541}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5998FF4B-895C-40AE-8DBD-7A9857FD8B6E}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{6257D78C-3570-409A-862E-8280036456ED}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{633FD153-1302-48D5-8CAE-82252FE8AC38}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{641C3C75-AE49-4BA6-A0E6-D2A4B101D026}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{67F834FF-EFE3-4C96-94A5-12FD8CC1A4CF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6B6BF45A-5791-462A-AD1F-9224D797BBCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6E49960B-3022-4D7B-92F0-B29FE3A53CA7}" = rport=137 | protocol=17 | dir=out | app=system |
"{70A5C9E6-AA44-4815-9661-9BC69FBF97E8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8083CFD1-B628-4CBB-B735-2B7FB4E29D03}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{8D742F8E-40A3-4BB2-ADEC-711F2D60CC99}" = lport=445 | protocol=6 | dir=in | app=system |
"{94A36FAF-886B-4D24-8521-8D76595ECBA9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A3FBCFE2-BFC1-4DD2-8E46-9A8F91B82A70}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A6EA79B6-726F-45EB-B2E7-EFAF90DE18C3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AE059F4C-3F41-4CD1-805C-F495EF780CC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B23C6C8E-3724-4FA9-8865-C037213EC28B}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B981C273-F950-44D6-98BA-373FDC832722}" = rport=138 | protocol=17 | dir=out | app=system |
"{BD52ADAD-18B3-4282-942F-D2DDD2C4627B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{C2302137-8483-42CB-A10F-E6E056DACB66}" = rport=445 | protocol=6 | dir=out | app=system |
"{C50F1536-21D6-4BD8-A9F8-9EABE4C89CC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CD352638-0F2F-4B24-8C13-CDCDAB980230}" = rport=139 | protocol=6 | dir=out | app=system |
"{D02D7A08-1AAE-408D-B9FC-23E0D2F229DB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E20D7F02-68E8-4C82-91E5-132BD97937CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EF88A4CB-5D11-4ACE-8C2F-9AADFBC16783}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{F0966F32-CBF6-48E9-B903-F455CB2E4449}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6B0D85E-542D-436D-89E1-77ED1477CB74}" = lport=138 | protocol=17 | dir=in | app=system |
"{FAEA179A-B406-408C-8B4F-6928775715F3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{075560A4-66B6-4D4D-A08C-A17AA843393E}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\nmdllhost.exe |
"{08E2E3CA-864B-4282-A73D-B10271199A43}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0AD03A19-3361-4D99-A1B3-7068C94BE6B5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1062EC61-DEDD-4293-B849-D4D676DA4078}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{1925BFFD-29BB-44EA-AD37-6E23869CEA10}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{1AF5F9B0-47A0-465C-AA57-E1945FA54BA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1E8EBD73-73AE-48F2-ADCB-90166A6CA5CD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2EF2A4B5-31CE-46AA-828B-01D5F8281804}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{3642AF5E-B247-427D-AF3D-EC459D3B0B7F}" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\updates\3.4.1_30888.exe |
"{36C49C0B-BC60-46B7-8084-68CE85027E28}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E09743C-BD1B-4960-8445-C5FBC5854B0F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{44D48435-2516-4006-A3EB-4D82AF54F486}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{4A311C7D-6DD8-4FFA-9909-268B0B30091B}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{4C1D35E7-01B6-4E18-BCC5-7D8E43E37B69}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CC89069-7EFE-4DE2-9A7B-A851CD7D07AF}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4DC47740-A8D0-4AB7-904B-7C330ADDD788}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{5B4ECC85-A4F4-42B2-8ABF-BCC212BC8BF5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{609434E2-6164-43A8-82AA-4496E6EF87A5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{66F81E40-846D-4F0F-AB9B-94549D44CD80}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{68F3829D-BB77-499C-8A05-DFF2CB536281}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{6D78A898-98A6-42B1-BC1D-43D9B6D76B37}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{6E201625-B3D5-4D51-B667-515C351AE907}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{722233ED-1B7A-4DC2-AE9B-D66D669895B9}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7D3D4AF8-89C2-4F56-9428-27617743668D}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\devicesetup.exe |
"{856DD027-0CB3-4852-A83C-95642D0D1B18}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{861F8CC1-8987-4E01-BA82-161576F4D038}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{890CE723-E54D-4BBE-8E95-C709AE36EE7F}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{9000FD8B-624E-41D3-8407-B34DFADF0DCF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{950998A7-36E5-472A-B7DE-FFFC057E22E2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9B332FC9-96B3-491A-9608-2800CC17C00E}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicator.exe |
"{9ECE45CB-5B7B-4BF3-80E6-8DB4170E13C1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A2FDFB48-EFD0-4D17-A320-EA92BE8ABB56}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{A71B06C3-C02B-489F-88A5-14CC50B70C9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A8BB142F-E1D1-444A-9B89-1075BF017859}" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\updates\3.4.1_30888.exe |
"{AB77A66E-ECB4-4BED-8C72-6F640788CE42}" = protocol=6 | dir=out | app=system |
"{AE3A5A81-1B58-4FD6-A3D7-A96A1188CC42}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AEAE16C1-DE50-4FE3-BB09-D1AD7DB14E75}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{B3F73762-7E8C-46A9-AB07-EF2061EE1E9E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{BEABA9D0-6CF8-45D7-BCF0-D224B88D258B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{C5E2ED1B-0799-47C9-A0B0-ABF0206B4CC2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CCCFD1AC-0CA6-4642-A1B9-D7E574FE20D4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{D0D05F78-10D6-4660-91C4-CB0FDC8C5372}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D8223532-3C03-4968-A60F-B76BEFD8CB90}" = dir=in | app=c:\program files\hp\hp deskjet 3510 series\bin\hpnetworkcommunicatorcom.exe |
"{D8936E3B-9160-4D39-8F81-377BD9E70BD5}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\nmdllhost.exe |
"{DCDD130D-75BB-4910-A336-AFE2F64D6A22}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{E199ACB0-5684-4171-A8B3-1E366BF427E4}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{EAD11D2B-3344-400C-BE1E-0D0A632A6898}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1F261C1-1C9B-4AD9-B5AB-6B59CCCF08F4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{F40A5E6C-3C7D-4299-A494-27E9C0FD1B00}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F5BE79F9-C3CE-47F5-8C0F-81EFD7627CDC}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{FC97B438-C17D-4CA2-9DB4-3A3580AE4B3B}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"TCP Query User{1F1FF44D-95A6-4C53-9BE6-5DD24D9E2CA0}C:\users\owner\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{F9B69922-D9D0-4981-85CC-E2EDD0A1C041}C:\users\owner\appdata\roaming\utorrent\updates\3.4.1_30888.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\updates\3.4.1_30888.exe |
"UDP Query User{C4093939-B2DF-4A7D-9C92-6632152D52D0}C:\users\owner\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{F7A969FC-D3CA-45A5-96DD-57AF7C880E71}C:\users\owner\appdata\roaming\utorrent\updates\3.4.1_30888.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\utorrent\updates\3.4.1_30888.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1719C693-20CF-4BC3-831F-B65E79268114}" = Základní software zařízení HP Deskjet 3510 series
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{4847C986-125C-4C78-BF9D-56A99C2FFA29}" = Studie vylepšování produktu HP Deskjet 3510 series
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0017-0405-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0100-0405-1000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2013
"{90150000-0101-0405-1000-0000000FF1CE}" = Microsoft X MUI (Czech) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B1920A83-25A3-4DBB-B1F5-2395BD05370E}" = ESET Smart Security
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 337.88
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.13.1220
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Monitor technologie Intel(R) Turbo Boost 2.0
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"Office15.OMUI.cs-cz" = Microsoft Office Language Pack 2013 - Czech/čeština
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"PC-Doctor for Windows" = My Dell
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0128492C-AB60-43BE-9D9A-8CA622CAF06E}" = Nero 2014
"{01D55832-B40C-45C3-A8B4-17923394FDF6}" = HP Deskjet 3510 series Nápověda
"{07BE4679-4318-4413-9701-B3D92354F11D}" = Heroes of Might and Magic V - Tribes of the East
"{0CF7D22B-977C-43B2-9219-E03017FBAC6D}" = Nero Recode Help (CHM)
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1D4FBA7F-5BE3-48B9-B82B-6E55FDA5BF74}" = Nero MediaHome
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Dell WLAN and Bluetooth Client Installation
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{36DA8969-4DCD-48FF-894A-6BD3936050C3}" = Nero Blu-ray Player Help (CHM)
"{3AD3C0C2-65A2-45AE-BFAF-7879CFFF7DA8}" = Nero Disc to Device
"{4CA46F9F-174C-4766-9EA2-2325DF414B9E}" = Nero Express Help (CHM)
"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5446D3AF-B060-49B6-9535-F300E1532022}" = Nero Video Help (CHM)
"{55586382-6704-4237-AAA7-85FF9C055022}" = Dell KM632 Wireless Keyboard Caps Lock Indicator
"{581DCE84-1948-4891-A4A7-A1222CC137C5}" = Nero RescueAgent
"{5909A89E-C97F-407C-AE2B-47BDED86BF5D}" = Prerequisite installer
"{5B1886C1-6EFA-4D07-95D3-8B84C743CC71}" = Nero Recode
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{71B53BA8-4BE3-49AF-BC3E-07F392006300}" = GX GAMING CAVIMANUS HEADSET
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{75CA8AAE-5346-4312-A9A8-5CF89955930F}" = Nero MediaHome Help (CHM)
"{80407BA7-7763-4395-AB98-5233F1B34E65}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DCD39C9-861A-4067-84FD-F9DEC7A79C10}" = Nero Device Updates
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AAC4108-B87E-4B68-B5EB-5629819F6398}" = Nero Blu-ray Player
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.10) - Czech
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B166374C-105E-445E-8E5D-A86CA5742645}" = Nero Burning Core
"{B791E0AB-87A9-41A4-8D98-D13C2E37D928}" = Nero Info
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C2A4BAE3-A4E9-4B01-B33D-EF68B976CA70}" = Nero Video
"{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}" = Nero ControlCenter Help (CHM)
"{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}" = Nero Launcher
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E5297CC6-DD4E-40F3-BD0A-FB1D085F6751}}_is1" = Maurus Gaming Mouse
"{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}" = Nero Express
"{EDB188F5-D8E8-42EE-89E0-F212DA48CB81}" = Nokia Suite
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}" = Nero Burning ROM
"{F69D4104-5394-4F7C-801C-D96DC92E7F69}" = Nero RescueAgent Help (CHM)
"{F9000000-0001-0000-0000-074957833700}" = ABBYY FineReader 9.0 Professional Edition
"{FA78CC15-9F90-443B-BA61-A66595F06432}" = Nero Burning ROM Help (CHM)
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.1
"Battle.net" = Battle.net
"BSPlayerp" = BS.Player PRO
"Diablo II" = Diablo II
"Diablo III" = Diablo III
"Fishdom 3 Collector's Edition" = Fishdom 3 Collector's Edition
"HP Photo Creations" = HP Photo Creations
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Mozilla Firefox 30.0 (x86 cs)" = Mozilla Firefox 30.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"O2CZ" = O2
"Torchlight II_is1" = Torchlight II v1.25.5.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3128138035-3014723401-4134321253-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17.6.2014 11:22:23 | Computer Name = Verunka | Source = NvStreamSvc | ID = 131073
Description =

Error - 17.6.2014 11:23:40 | Computer Name = Verunka | Source = WinMgmt | ID = 10
Description =

Error - 17.6.2014 13:20:48 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 17.6.2014 14:49:45 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 18.6.2014 10:24:18 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 19.6.2014 11:29:22 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 20.6.2014 1:16:03 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 20.6.2014 18:31:49 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 21.6.2014 13:08:15 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 22.6.2014 8:49:41 | Computer Name = Verunka | Source = Customer Experience Improvement Program | ID = 1008
Description =

[ System Events ]
Error - 21.4.2014 16:11:28 | Computer Name = Verunka | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 21.4.2014 16:12:14 | Computer Name = Verunka | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 21.4.2014 16:12:59 | Computer Name = Verunka | Source = DCOM | ID = 10000
Description =

Error - 21.4.2014 16:13:05 | Computer Name = Verunka | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 21.4.2014 16:13:16 | Computer Name = Verunka | Source = Microsoft-Windows-Kernel-General | ID = 6
Description =

Error - 21.4.2014 16:15:26 | Computer Name = Verunka | Source = DCOM | ID = 10010
Description =

Error - 21.4.2014 16:16:51 | Computer Name = Verunka | Source = Service Control Manager | ID = 7023
Description = Služba Systémový čas byla ukončena s následující chybou: %%1115

Error - 23.4.2014 0:30:32 | Computer Name = Verunka | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (0:36:24, ?23.?4.?2014) bylo neočekávané.

Error - 26.4.2014 13:47:51 | Computer Name = Verunka | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (18:48:21, ?26.?4.?2014) bylo neočekávané.

Error - 28.4.2014 11:43:33 | Computer Name = Verunka | Source = DCOM | ID = 10010
Description =


< End of report >

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Please check my log

#15 Post by Márty84 »

Why do you have a crack for CCleaner there when it has a working free version?

Tell me the size of the desktop folder (C:\Users\Owner\Desktop).

Turn off your antivirus so that it does not interfere with the program.
Run OTL again as administrator.
Paste the following text into the bottom window (including the colon before the word commands):

Code:

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
MBAMSwissArmy
AdobeARMservice
NAUpdate
gupdate
AdobeFlashPlayerUpdateSvc
gupdatem

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore1cf6aaf336911e0.job
C:\windows\tasks\GoogleUpdateTaskMachineUA1cf8bfc68f64773.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001Core1cf4c47c02b066f.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3128138035-3014723401-4134321253-1001UA1cf6b52a585a103.job

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
O4 - HKLM..\Run: [] File not found
O4 - Startup: C:\Users\Martinek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor technologie Intel(R) Turbo Boost 2.0.lnk = File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor technologie Intel(R) Turbo Boost 2.0.lnk = File not found
O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk = File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O15 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-3128138035-3014723401-4134321253-1001\..Trusted Domains: localhost ([]http in Internet)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[4 C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\windows\Installer\*.tmp files -> C:\windows\Installer\*.tmp -> ]
[2 C:\windows\Panther\*.tmp files -> C:\windows\Panther\*.tmp -> ]
[1 C:\windows\System32\catroot\*.tmp files -> C:\windows\System32\catroot\*.tmp -> ]
[994 C:\windows\temp\*.tmp files -> C:\windows\temp\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\windows\Cursors\arrow_n.cur:NEDTA.DAT

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"uTorrent"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-
"Adobe ARM"=-

Click Fix (Opravit) and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

If you have a question that is not meant for the public, you can e-mail me at marty84 (at) forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait long for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Locked