Kontrola ntb

Zpráva

jaruzo · #1 Příspěvek od **jaruzo** » 02 zář 2014 21:57

Zdravím, poprosil by som o kontrolu, začali mi vyskakovať záložky a okná s reklamami pri akomkolvek kliknutí s myšou a prehliadač je niekedy zamrznutý, díky:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaro at 2014-09-02 22:46:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (20%) free of 205 GB
Total RAM: 3692 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:46:50, on 2. 9. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Program Files\trend micro\Jaro.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: CheapMe - {33F78302-9C8F-34A8-99CB-FDEAD41A8BE6} - C:\ProgramData\CheapMe\P3I.dll
O2 - BHO: ExstraCOupon - {351FD006-EEC8-71F8-EDE1-5A4723F0FFBD} - C:\ProgramData\ExstraCOupon\NiEIsZz.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pruiceCChop - {A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39} - C:\Program Files (x86)\pruiceCChop\QDBUGVIwC.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblocker - {E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0} - C:\Program Files (x86)\Adblocker\AplN.dll
O2 - BHO: NetoCoupon - {ECA97710-35D5-E775-6381-93721E1E43E2} - C:\ProgramData\NetoCoupon\bxTHUhHsLX.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Download video on this page - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/301
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Download Video - {731DC20B-51DE-4681-BBB9-69593E9F99A2} - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {731DC20B-51DE-4681-BBB9-69593E9F99A2} - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300 (file missing)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Rich Media Downloader - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - (no file)
O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: c:\progra~2\pc_boo~1\assist~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12718 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {C0501DE4-61CE-4A36-BE8E-6C8988E9701A}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\rundll32.exe" "c:\progra~2\pc_boo~1\AssistantSvc.dll",service
"C:\Windows\system32\rundll32.exe" "c:\progra~2\pc_boo~1\AssistantSvc.dll",service
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2160
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"taskhost.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\AsScrPro.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {0DBCC38F-7D87-427C-922F-FD0FB9E0CC34}
"c:\programdata\greenbay app\pc_booster\PC_Booster.exe" /schedule /profile "c:\programdata\greenbay app\pc_booster\3444175751.ini"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
taskeng.exe {26A1BF60-D02F-4E07-AF06-E89A5DE0158C}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" -Xms56m -Xmx112m -classpath .;syncables.jar migoDesktop.migoDesktopMain sid=S-1-5-21-1799708505-3246337621-3321167157-1001
"C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
"MOM"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe" @@5f3a8671-a898-4803-ba70-924eda8722db 7876c707-5a67-4632-9caa-01640c926c81 Odovzdať položku 666
C:\Windows\system32\svchost.exe -k SDRSVC

/QuitInfo:000000000000071C;00000000000006F8; /ManualLaunch
/loadhooks /Parent:0000000000000B54
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=148.160c8470.1565360666 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 148 "\\.\pipe\gecko-crash-server-pipe.148" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe" --proxy-stub-channel=Flash3716.6B500D80.26261 --host-broker-channel=Flash3716.6B500D80.2930 --host-pid=3716 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe" --channel=5724.002DF608.264919160 --proxy-stub-channel=Flash3716.6B500D80.26261 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Jaro\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\PC_Booster-S-3444175751.job - c:\programdata\greenbay app\pc_booster\PC_Booster.exe /schedule /profile "c:\programdata\greenbay app\pc_booster\3444175751.ini"

=========Mozilla firefox=========

ProfilePath - C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\extensions\
et_h@iyeeubx-.co.uk
eyi0mbkr@vptgbv-.net
handy@egkp.co.uk
iuufff@hph-.edu
tna0_efxt@hthrayuho.net

C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\searchplugins\
ask-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}]
CheapMe - C:\ProgramData\CheapMe\P3I.x64.dll [2014-07-29 505344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}]
ExstraCOupon - C:\ProgramData\ExstraCOupon\NiEIsZz.x64.dll [2014-08-12 398336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}]
pruiceCChop - C:\Program Files (x86)\pruiceCChop\QDBUGVIwC.x64.dll [2014-07-22 514048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-01-12 318960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}]
Adblocker - C:\Program Files (x86)\Adblocker\AplN.x64.dll [2014-07-22 514048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECA97710-35D5-E775-6381-93721E1E43E2}]
NetoCoupon - C:\ProgramData\NetoCoupon\bxTHUhHsLX.x64.dll [2014-08-05 505344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}]
CheapMe - C:\ProgramData\CheapMe\P3I.dll [2014-07-29 449024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}]
ExstraCOupon - C:\ProgramData\ExstraCOupon\NiEIsZz.dll [2014-08-12 332800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}]
pruiceCChop - C:\Program Files (x86)\pruiceCChop\QDBUGVIwC.dll [2014-07-22 457728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}]
Adblocker - C:\Program Files (x86)\Adblocker\AplN.dll [2013-07-22 457728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECA97710-35D5-E775-6381-93721E1E43E2}]
NetoCoupon - C:\ProgramData\NetoCoupon\bxTHUhHsLX.dll [2014-08-05 449024]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-18 2189416]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-07 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-31 2587944]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-06 222496]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-05-08 21441152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-05-20 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-18 11785832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 343168]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-04-19 336952]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-09-02 22:46:28 ----D---- C:\rsit
2014-08-27 21:22:57 ----A---- C:\Windows\system32\win32k.sys
2014-08-27 21:22:56 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-27 21:22:56 ----A---- C:\Windows\system32\gdi32.dll
2014-08-22 20:45:28 ----A---- C:\Windows\system32\wups2.dll
2014-08-22 20:45:28 ----A---- C:\Windows\system32\wucltux.dll
2014-08-22 20:45:28 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-22 20:45:27 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-22 20:45:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-22 20:45:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-22 20:45:06 ----A---- C:\Windows\system32\wups.dll
2014-08-22 20:45:06 ----A---- C:\Windows\system32\wudriver.dll
2014-08-22 20:45:06 ----A---- C:\Windows\system32\wuapi.dll
2014-08-22 20:45:05 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-22 20:44:50 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-22 20:44:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-22 20:44:50 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-22 20:44:50 ----A---- C:\Windows\system32\wuapp.exe
2014-08-15 23:15:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-15 23:15:10 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-15 23:15:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 23:15:10 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 23:15:09 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-15 23:15:09 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 23:14:45 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-15 23:14:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-15 20:27:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-15 20:27:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-15 20:27:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-15 20:27:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-15 20:27:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-15 20:27:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-15 20:27:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 20:27:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-15 20:27:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-15 20:27:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\urlmon.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\iernonce.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-15 20:27:50 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-15 20:27:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-15 20:27:50 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-15 20:27:49 ----A---- C:\Windows\system32\iesetup.dll
2014-08-15 20:27:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-15 20:27:47 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-15 20:27:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-15 20:27:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-15 20:27:47 ----A---- C:\Windows\system32\iertutil.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-15 20:27:46 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-15 20:27:45 ----A---- C:\Windows\system32\ieui.dll
2014-08-15 20:27:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-15 20:27:44 ----A---- C:\Windows\system32\ieframe.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-15 20:27:42 ----A---- C:\Windows\system32\vbscript.dll
2014-08-15 20:27:42 ----A---- C:\Windows\system32\jscript9.dll
2014-08-15 20:27:42 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-15 20:27:41 ----A---- C:\Windows\system32\wininet.dll
2014-08-15 20:27:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-15 20:27:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 20:27:40 ----A---- C:\Windows\system32\msrating.dll
2014-08-15 20:27:39 ----A---- C:\Windows\system32\mshtml.dll
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-15 20:24:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-15 20:24:11 ----A---- C:\Windows\system32\tzres.dll
2014-08-15 20:23:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-15 20:23:29 ----A---- C:\Windows\system32\msi.dll
2014-08-15 20:23:28 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-15 20:23:28 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-15 20:23:28 ----A---- C:\Windows\system32\msihnd.dll
2014-08-15 20:23:28 ----A---- C:\Windows\system32\consent.exe
2014-08-15 20:23:28 ----A---- C:\Windows\system32\authui.dll
2014-08-15 20:22:58 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-15 20:22:00 ----A---- C:\Windows\system32\shell32.dll
2014-08-15 20:21:59 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-15 20:21:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-15 20:21:04 ----A---- C:\Windows\system32\rpcrt4.dll
2014-08-12 21:21:20 ----D---- C:\ProgramData\ExstraCOupon
2014-08-05 20:42:39 ----D---- C:\ProgramData\NetoCoupon

======List of files/folders modified in the last 1 month======

2014-09-02 22:46:32 ----D---- C:\Windows\temp
2014-09-02 22:46:31 ----D---- C:\Program Files\trend micro
2014-09-02 22:44:47 ----D---- C:\Users\Jaro\AppData\Roaming\Skype
2014-09-02 20:06:44 ----D---- C:\Windows\system32\config
2014-09-02 19:55:03 ----SHD---- C:\System Volume Information
2014-09-02 19:47:58 ----D---- C:\Windows\system32\Tasks
2014-09-02 19:47:39 ----HD---- C:\ASUS.DAT
2014-09-01 21:02:31 ----D---- C:\Windows\System32
2014-09-01 21:02:31 ----D---- C:\Windows\inf
2014-09-01 21:02:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-01 18:34:59 ----A---- C:\Windows\system32\acovcnt.exe
2014-08-28 20:34:15 ----D---- C:\Windows\winsxs
2014-08-28 20:32:53 ----D---- C:\Windows\SysWOW64
2014-08-27 21:20:03 ----D---- C:\Windows\system32\catroot
2014-08-22 21:32:47 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-22 21:32:47 ----D---- C:\Windows\system32\sk-SK
2014-08-22 20:45:46 ----D---- C:\Windows\system32\catroot2
2014-08-18 20:40:47 ----D---- C:\Windows\Microsoft.NET
2014-08-18 19:59:04 ----RSD---- C:\Windows\assembly
2014-08-16 13:28:08 ----D---- C:\Windows\ehome
2014-08-16 13:28:05 ----RSD---- C:\Windows\Fonts
2014-08-16 13:27:47 ----D---- C:\Windows\system32\drivers
2014-08-16 13:27:46 ----D---- C:\Program Files\Internet Explorer
2014-08-16 13:27:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-16 13:27:43 ----D---- C:\Windows\PolicyDefinitions
2014-08-16 13:27:42 ----D---- C:\Windows\system32\en-US
2014-08-16 13:27:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-15 23:21:39 ----D---- C:\Windows\system32\MRT
2014-08-15 23:21:35 ----A---- C:\Windows\system32\MRT.exe
2014-08-13 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-12 21:21:42 ----D---- C:\ProgramData\88f3b5a45b0a0b65
2014-08-12 21:21:20 ----D---- C:\ProgramData
2014-08-08 21:26:38 ----D---- C:\Windows\Prefetch
2014-08-05 09:20:00 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-04 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-04 38016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-04-19 126912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-29 10203648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-29 310784]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-07 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-07 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-07 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-07 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-07 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-07 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-07 279200]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-18 2814952]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2011-01-18 250984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 248642b4;PC_Sustainer; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-29 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-02-02 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-01-14 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-13 262320]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-12 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-22 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 03 zář 2014 01:52

Zdravim

Pouzivate nejaky antivir?

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

jaruzo · #3 Příspěvek od **jaruzo** » 03 zář 2014 21:23

Díky, takže:

1) antivir nepoužívam, mám zlé skúsenosti

2) dnes keď som zapol ntb, stalo sa to, že po spustení prehliadača (Mozilla) sa mi reklamné okno zobrazilo v strede stránky a nedalo sa zrušiť, vôbec som sa nevedel dostať na žiadnu stránku, prehliadač ostal úplne zablokovaný, nedalo sa s ním pracovať. Musel som teda otvoriť (po dlhých rokoch) Internet Explorer a stiahnuť AdwCleaner cez IE.
Po scane a reštarte už funguje Mozilla, že by to pomohlo?

# AdwCleaner v3.309 - Report created 03/09/2014 at 22:07:39
# Updated 02/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jaro - JARO-PC
# Running from : C:\Users\Jaro\Desktop\adwcleaner_3.309.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : 248642b4

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\IBUpdaterService
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\CheapMe
Folder Deleted : C:\ProgramData\ExstraCOupon
Folder Deleted : C:\ProgramData\NetoCoupon
Folder Deleted : C:\ProgramData\pruiceCChop
Folder Deleted : C:\Program Files (x86)\Adblocker
Folder Deleted : C:\Program Files (x86)\PC_booster
Folder Deleted : C:\Program Files (x86)\pruiceCChop
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Jaro\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Jaro\AppData\Local\torch
Folder Deleted : C:\Users\Jaro\AppData\Roaming\iWin
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\FromDocToPDF_65
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\Extensions\et_h@iyeeubx-.co.uk
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\Extensions\eyi0mbkr@vptgbv-.net
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\Extensions\handy@egkp.co.uk
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\Extensions\iuufff@hph-.edu
Folder Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\Extensions\tna0_efxt@hthrayuho.net
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
[!] Folder Deleted : C:\Users\Jaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coepfkaedkhegfofmifpkninonenmjcc
File Deleted : C:\Users\Jaro\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\invalidprefs.js
File Deleted : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\searchplugins\ask-web-search.xml

***** [ Scheduled Tasks ] *****

Task Deleted : BrowserProtect
Task Deleted : EPUpdater
Task Deleted : PC_Booster-S-3444175751

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CheapMe.CheapMe
Key Deleted : HKLM\SOFTWARE\Classes\CheapMe.CheapMe.5.1
Key Deleted : HKLM\SOFTWARE\Classes\ExsttrraCioeuponn.ExsttrraCioeuponn
Key Deleted : HKLM\SOFTWARE\Classes\ExsttrraCioeuponn.ExsttrraCioeuponn.4.3
Key Deleted : HKLM\SOFTWARE\Classes\prIucechop.prIucechop
Key Deleted : HKLM\SOFTWARE\Classes\prIucechop.prIucechop.3.9
Key Deleted : HKLM\SOFTWARE\Classes\Adblocker.Adblocker
Key Deleted : HKLM\SOFTWARE\Classes\Adblocker.Adblocker.1.0
Key Deleted : HKLM\SOFTWARE\Classes\NeutoCOupon.NeutoCOupon
Key Deleted : HKLM\SOFTWARE\Classes\NeutoCOupon.NeutoCOupon.6.1
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-3444175751
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{248642b4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36B445BF-1B84-466A-A623-A360A8CFF8C3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6CBF5C01-C876-481B-867E-111CB1D2A7D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AFB130D4-7DD2-41EB-A9AD-4C90414657F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33F78302-9C8F-34A8-99CB-FDEAD41A8BE6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{351FD006-EEC8-71F8-EDE1-5A4723F0FFBD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2B357BB-43EF-3E6C-1F1C-221CF4FF5A39}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3B5DC0F-FE81-6BDD-48B8-501A5248FBA0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECA97710-35D5-E775-6381-93721E1E43E2}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\PC_Booster
Key Deleted : HKLM\SOFTWARE\PerformerSoft
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{317D8BB4-16C3-CFBD-3777-AED69667DA46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{98449C67-C7AF-BB53-112D-26C916814611}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6C44C71-2CFE-8176-3A4D-CBD0DCE5AEFA}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\pc_boo~1\assist~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\PC_BOO~1\ASSIST~2.DLL
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

-\\ Mozilla Firefox v31.0 (x86 sk)

[ File : C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default\prefs.js ]

Line Deleted : user_pref("extensions.1dHqB.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...]
Line Deleted : user_pref("extensions.RFnBVnnzRib.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumo[...]
Line Deleted : user_pref("extensions.RFnBVnnzRib.url", "hxxp://jpisyncs.info/sync2/?q=hfZ9oehMhy8IrihEAen0rTUGrihTB6lKDzt4olqvtNtVh7n0rjnEpda8rjYGqdk8tMFHhd9Fqda4rdrFpjnFrjaMDMlGojUMAe4Uojr9qdnFpjgFpdYGrTYGqHnFrHYMC[...]
Line Deleted : user_pref("extensions.Tizeac.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.[...]
Line Deleted : user_pref("extensions.XnMjA9OxEr.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumor[...]
Line Deleted : user_pref("extensions.i3me.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.ne[...]
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");

-\\ Google Chrome v

*************************

AdwCleaner[R3].txt - [16562 octets] - [03/09/2014 22:05:43]
AdwCleaner[S1].txt - [16194 octets] - [03/09/2014 22:07:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [16255 octets] ##########

#4 Příspěvek od **Márty84** » 04 zář 2014 02:18

jaruzo píše:1) antivir nepoužívam, mám zlé skúsenosti

Cistit nezabezpeceny pocitac je ztrata casu. Pokud tam priste nebude antivir, muze byt pomoc odmitnuta.

jaruzo píše:2) dnes keď som zapol ntb, stalo sa to, že po spustení prehliadača (Mozilla) sa mi reklamné okno zobrazilo v strede stránky a nedalo sa zrušiť, vôbec som sa nevedel dostať na žiadnu stránku, prehliadač ostal úplne zablokovaný, nedalo sa s ním pracovať. Musel som teda otvoriť (po dlhých rokoch) Internet Explorer a stiahnuť AdwCleaner cez IE.
Po scane a reštarte už funguje Mozilla, že by to pomohlo?

Program smazal spoooustu smeti, takze je mozne, ze to pomohlo

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

jaruzo · #5 Příspěvek od **jaruzo** » 04 zář 2014 20:54

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 4. 9. 2014
Čas skenování: 18:09:12
Protokol: mbam.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.09.04.05
Databáze rootkitů: v2014.08.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jaro

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 589065
Uplynulý čas: 3 hod, 36 min, 24 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 2
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}, , [6d38f3f626553ff749651a676a98c23e],
PUP.Optional.DefaultTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, , [1f86b435f5864fe74ad157d08c77956b],

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 27
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Adblocker\AplN.dll.vir, , [5e47b138483364d2b6a89a0229d86c94],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Adblocker\AplN.x64.dll.vir, , [4461eaff53286ec88715b5ec887960a0],
Trojan.SProtector, C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC_booster\Assistant.dll.vir, , [178e5990a4d7c2745645c2a6f809827e],
Trojan.SProtector, C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC_booster\AssistantSvc.dll.vir, , [50552cbdec8f1a1c2379600861a047b9],
Trojan.SProtector, C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC_booster\Assistant_x64.dll.vir, , [01a45f8a4b302b0b1cea6e3a1fe2ff01],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\pruiceCChop\QDBUGVIwC.dll.vir, , [297c28c1c1ba06306cf24359c8399b65],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\Program Files (x86)\pruiceCChop\QDBUGVIwC.x64.dll.vir, , [dacbecfdafcc51e56933bde4bd44c937],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\Adblocker\XKwAh.exe.vir, , [7134cd1ccab10333c8231b8440c18878],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\CheapMe\P3I.dll.vir, , [fda83aafd1aab284500e029a13ee748c],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\CheapMe\P3I.exe.vir, , [4164f5f47efdac8a49a2abf4a06115eb],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\ProgramData\CheapMe\P3I.x64.dll.vir, , [a6ff33b6304b78be0498c7da5fa2bc44],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\ExstraCOupon\NiEIsZz.dll.vir, , [dacbd910037843f3c5c0f8bb9f62ef11],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\ExstraCOupon\NiEIsZz.exe.vir, , [ced7f9f0c1ba350101ea316e02ff5ea2],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\ProgramData\ExstraCOupon\NiEIsZz.x64.dll.vir, , [baeb0cdd2a51191d7b21871af809d030],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\NetoCoupon\bxTHUhHsLX.dll.vir, , [9b0a37b28bf047efaeb0abf17d8453ad],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\NetoCoupon\bxTHUhHsLX.exe.vir, , [1293f2f70576d75f11da2679e918659b],
PUP.Optional.Preload, C:\AdwCleaner\Quarantine\C\ProgramData\NetoCoupon\bxTHUhHsLX.x64.dll.vir, , [e5c052970972f0463c60198834cd9b65],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\pruiceCChop\tT_6omuQh3.exe.vir, , [258005e4daa1d264816a356abb46c63a],
Virus.Xpaj, C:\dforce\Novawrld.exe, , [dfc6f2f78ceffc3a01830faba25e0000],
PUP.Optional.Booster.A, C:\ProgramData\GreenBay App\PC_Booster\PC_Booster.exe, , [fea759900279db5be00abfb1b34fdd23],
PUP.Optional.MultiPlug, C:\Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\EFug3[1].exe, , [f3b242a72f4c5bdbd7d84264ad543ac6],
PUP.Optional.Booster.A, C:\Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\agup[1].exe, , [e1c436b3dba0b284a743e48ca65c966a],
PUP.Optional.MultiPlug, C:\Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\Sb3U[1].exe, , [495c9158ccaffd39bff01195db263ec2],
PUP.Optional.MultiPlug, C:\Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\HE[1].exe, , [e4c1d514d8a32313b8f7891d936eda26],
PUP.Optional.MultiPlug, C:\Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTTYL9JJ\PX1hqm5Fb[1].exe, , [c0e5effae794ac8acbe47b2b877acb35],
Trojan.SProtector, C:\Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTTYL9JJ\tpq[1].exe, , [abfaaf3a413a15212f195a04a75a748c],
PUP.Optional.SweetIM, C:\Windows\Installer\2500e23.msi, , [33724a9f8af19d99f0f64ac8ef167789],

Fyzické sektory: 0
(No malicious items detected)

(end)

#6 Příspěvek od **Márty84** » 05 zář 2014 09:00

Vsechny nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle toho zvolim dalsi postup.

jaruzo · #7 Příspěvek od **jaruzo** » 06 zář 2014 11:25

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6. 9. 2014
Čas skenování: 9:04:32
Protokol: mbam.txt
Správce: Ano

Verze: 2.00.2.1012
Databáze malwaru: v2014.09.05.10
Databáze rootkitů: v2014.08.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Self-protection: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jaro

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 591427
Uplynulý čas: 2 hod, 54 min, 56 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristics: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(No malicious items detected)

Moduly: 0
(No malicious items detected)

Klíče registru: 0
(No malicious items detected)

Hodnoty registru: 0
(No malicious items detected)

Data registru: 0
(No malicious items detected)

Složky: 0
(No malicious items detected)

Soubory: 0
(No malicious items detected)

Fyzické sektory: 0
(No malicious items detected)

(end)

#8 Příspěvek od **Márty84** » 08 zář 2014 03:23

MBAM odinstalujte a dejte novy log z RSIT

jaruzo · #9 Příspěvek od **jaruzo** » 08 zář 2014 22:36

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaro at 2014-09-08 23:34:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (19%) free of 205 GB
Total RAM: 3692 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:35:15, on 8. 9. 2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\QuickTime\QTTask.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\trend micro\Jaro.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: Download video on this page - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/301
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Download Video - {731DC20B-51DE-4681-BBB9-69593E9F99A2} - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {731DC20B-51DE-4681-BBB9-69593E9F99A2} - res://C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll/300 (file missing)
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11479 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2312
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
"C:\Program Files (x86)\syncables\syncables desktop\syncables.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
taskeng.exe {26CD519F-133E-4826-ABDA-1938A0129726}
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe" @@5f3a8671-a898-4803-ba70-924eda8722db 7876c707-5a67-4632-9caa-01640c926c81 Odovzdať položku 666
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\system32\svchost.exe -k SDRSVC
/QuitInfo:000000000000064C;0000000000000704; /ManualLaunch
/loadhooks /Parent:0000000000001B80

taskeng.exe {A35DEDFE-54E2-4295-B5D6-FDE702ABAF49}
"C:\Users\Jaro\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Jaro\AppData\Roaming\Mozilla\Firefox\Profiles\rp5dphv0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.sk"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.65.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\ZEON/PDF,version=2.0]
"Description"=
"Path"=C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 14.0.0.179 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppluginrichmediaplayer.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2011-01-12 318960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-18 2189416]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-07 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2010-12-31 2587944]
"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-06 222496]
"Syncables"=C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [2010-07-19 370480]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24 21646944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-05-20 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-03 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-18 11785832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Nuance PDF Reader-reminder"=C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [2008-11-03 328992]
"SonicMasterTray"=C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [2010-07-10 984400]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-09-24 1601536]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 343168]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-04-19 336952]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-03-17 421888]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-09-04 18:02:48 ----D---- C:\ProgramData\Malwarebytes
2014-09-03 22:03:47 ----D---- C:\AdwCleaner
2014-09-02 22:46:28 ----D---- C:\rsit
2014-08-27 21:22:57 ----A---- C:\Windows\system32\win32k.sys
2014-08-27 21:22:56 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2014-08-27 21:22:56 ----A---- C:\Windows\system32\gdi32.dll
2014-08-22 20:45:28 ----A---- C:\Windows\system32\wups2.dll
2014-08-22 20:45:28 ----A---- C:\Windows\system32\wucltux.dll
2014-08-22 20:45:28 ----A---- C:\Windows\system32\wuauclt.exe
2014-08-22 20:45:27 ----A---- C:\Windows\system32\wuaueng.dll
2014-08-22 20:45:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-08-22 20:45:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-08-22 20:45:06 ----A---- C:\Windows\system32\wups.dll
2014-08-22 20:45:06 ----A---- C:\Windows\system32\wudriver.dll
2014-08-22 20:45:06 ----A---- C:\Windows\system32\wuapi.dll
2014-08-22 20:45:05 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-08-22 20:44:50 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-08-22 20:44:50 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-08-22 20:44:50 ----A---- C:\Windows\system32\wuwebv.dll
2014-08-22 20:44:50 ----A---- C:\Windows\system32\wuapp.exe
2014-08-15 23:15:10 ----A---- C:\Windows\SYSWOW64\infocardapi.dll
2014-08-15 23:15:10 ----A---- C:\Windows\SYSWOW64\icardagt.exe
2014-08-15 23:15:10 ----A---- C:\Windows\system32\infocardapi.dll
2014-08-15 23:15:10 ----A---- C:\Windows\system32\icardagt.exe
2014-08-15 23:15:09 ----A---- C:\Windows\SYSWOW64\icardres.dll
2014-08-15 23:15:09 ----A---- C:\Windows\system32\icardres.dll
2014-08-15 23:14:45 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-08-15 23:14:45 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-08-15 20:27:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-08-15 20:27:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-08-15 20:27:54 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-08-15 20:27:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-08-15 20:27:53 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-08-15 20:27:53 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-08-15 20:27:53 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-08-15 20:27:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 20:27:51 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-08-15 20:27:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-08-15 20:27:51 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\urlmon.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\iernonce.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 20:27:51 ----A---- C:\Windows\system32\ie4uinit.exe
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-08-15 20:27:50 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-08-15 20:27:50 ----A---- C:\Windows\system32\msfeeds.dll
2014-08-15 20:27:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-08-15 20:27:50 ----A---- C:\Windows\system32\dxtmsft.dll
2014-08-15 20:27:49 ----A---- C:\Windows\system32\iesetup.dll
2014-08-15 20:27:48 ----A---- C:\Windows\system32\iedkcs32.dll
2014-08-15 20:27:47 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-08-15 20:27:47 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-08-15 20:27:47 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-08-15 20:27:47 ----A---- C:\Windows\system32\iertutil.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-08-15 20:27:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-08-15 20:27:46 ----A---- C:\Windows\system32\jsproxy.dll
2014-08-15 20:27:45 ----A---- C:\Windows\system32\ieui.dll
2014-08-15 20:27:45 ----A---- C:\Windows\system32\dxtrans.dll
2014-08-15 20:27:44 ----A---- C:\Windows\system32\ieframe.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\mshtmled.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\jscript9diag.dll
2014-08-15 20:27:43 ----A---- C:\Windows\system32\ieUnatt.exe
2014-08-15 20:27:42 ----A---- C:\Windows\system32\vbscript.dll
2014-08-15 20:27:42 ----A---- C:\Windows\system32\jscript9.dll
2014-08-15 20:27:42 ----A---- C:\Windows\system32\ieapfltr.dll
2014-08-15 20:27:41 ----A---- C:\Windows\system32\wininet.dll
2014-08-15 20:27:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-08-15 20:27:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 20:27:40 ----A---- C:\Windows\system32\msrating.dll
2014-08-15 20:27:39 ----A---- C:\Windows\system32\mshtml.dll
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDRU.DLL
2014-08-15 20:24:30 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-08-15 20:24:11 ----A---- C:\Windows\SYSWOW64\tzres.dll
2014-08-15 20:24:11 ----A---- C:\Windows\system32\tzres.dll
2014-08-15 20:23:29 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-08-15 20:23:29 ----A---- C:\Windows\system32\msi.dll
2014-08-15 20:23:28 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-08-15 20:23:28 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-08-15 20:23:28 ----A---- C:\Windows\system32\msihnd.dll
2014-08-15 20:23:28 ----A---- C:\Windows\system32\consent.exe
2014-08-15 20:23:28 ----A---- C:\Windows\system32\authui.dll
2014-08-15 20:22:58 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2014-08-15 20:22:00 ----A---- C:\Windows\system32\shell32.dll
2014-08-15 20:21:59 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-08-15 20:21:04 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2014-08-15 20:21:04 ----A---- C:\Windows\system32\rpcrt4.dll

======List of files/folders modified in the last 1 month======

2014-09-08 23:34:55 ----D---- C:\Program Files\trend micro
2014-09-08 23:34:54 ----D---- C:\Windows\temp
2014-09-08 23:33:55 ----RD---- C:\Program Files (x86)
2014-09-08 23:33:55 ----D---- C:\Windows\system32\drivers
2014-09-08 23:29:19 ----D---- C:\Users\Jaro\AppData\Roaming\Skype
2014-09-08 21:22:36 ----D---- C:\Windows\system32\config
2014-09-08 21:12:11 ----D---- C:\Windows\system32\Tasks
2014-09-08 21:11:06 ----HD---- C:\ASUS.DAT
2014-09-07 23:01:53 ----SHD---- C:\System Volume Information
2014-09-06 13:13:30 ----D---- C:\Windows\System32
2014-09-06 13:13:30 ----D---- C:\Windows\inf
2014-09-06 13:13:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-09-06 00:29:21 ----A---- C:\Windows\system32\acovcnt.exe
2014-09-06 00:25:46 ----D---- C:\Windows\ASUS
2014-09-05 21:13:58 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-09-04 18:02:48 ----D---- C:\ProgramData
2014-09-04 17:56:07 ----D---- C:\Windows\system32\catroot2
2014-09-03 22:07:44 ----D---- C:\Windows\Tasks
2014-09-03 21:39:21 ----SHD---- C:\Windows\Installer
2014-09-03 21:39:17 ----D---- C:\Program Files (x86)\Common Files
2014-09-03 21:39:11 ----D---- C:\ProgramData\Skype
2014-08-28 20:34:15 ----D---- C:\Windows\winsxs
2014-08-28 20:32:53 ----D---- C:\Windows\SysWOW64
2014-08-27 21:20:03 ----D---- C:\Windows\system32\catroot
2014-08-22 21:32:47 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-08-22 21:32:47 ----D---- C:\Windows\system32\sk-SK
2014-08-18 20:40:47 ----D---- C:\Windows\Microsoft.NET
2014-08-18 19:59:04 ----RSD---- C:\Windows\assembly
2014-08-16 13:28:08 ----D---- C:\Windows\ehome
2014-08-16 13:28:05 ----RSD---- C:\Windows\Fonts
2014-08-16 13:27:46 ----D---- C:\Program Files\Internet Explorer
2014-08-16 13:27:45 ----D---- C:\Windows\SYSWOW64\en-US
2014-08-16 13:27:43 ----D---- C:\Windows\PolicyDefinitions
2014-08-16 13:27:42 ----D---- C:\Windows\system32\en-US
2014-08-16 13:27:36 ----D---- C:\Program Files (x86)\Internet Explorer
2014-08-15 23:24:56 ----D---- C:\Windows\system32\MRT
2014-08-15 23:21:35 ----A---- C:\Windows\system32\MRT.exe
2014-08-13 20:46:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-08-12 21:21:42 ----D---- C:\ProgramData\88f3b5a45b0a0b65

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-04 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-04 38016]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-04-19 126912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-10-29 10203648]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-10-29 310784]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-01-07 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-06-07 231440]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-01-07 298144]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-01-07 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-01-07 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-01-07 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-01-07 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-01-07 279200]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-18 2814952]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2011-01-18 250984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-10-29 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-02-02 354304]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 194496]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-01-14 75136]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-13 262320]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-01-12 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-07-25 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-07-22 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-04-24 572096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-22 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

#10 Příspěvek od **Márty84** » 10 zář 2014 02:47

Jeste jeden sken a budem mazat.

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

jaruzo · #11 Příspěvek od **jaruzo** » 10 zář 2014 21:59

Uvedený scan som sa pokúšal urobiť 3 krát, ale vždy mi po čase vybehla iba hláška "Cannot create file....." a OTL ďalej nereagoval.

#12 Příspěvek od **Márty84** » 11 zář 2014 04:40

Obcas se to stane, ze OTL tuhle chybku vyhodi

Spustte ho podle stejneho navodu jeste jednou, ale s timto upravenym skriptem

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

jaruzo · #13 Příspěvek od **jaruzo** » 11 zář 2014 18:18

OTL.Txt

OTL logfile created on: 11. 9. 2014 18:12:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaro\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 0000041b | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,61 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 31,88% Memory free
7,21 Gb Paging File | 4,61 Gb Available in Paging File | 63,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,28 Gb Total Space | 37,20 Gb Free Space | 18,57% Space Free | Partition Type: NTFS
Drive D: | 240,48 Gb Total Space | 240,15 Gb Free Space | 99,86% Space Free | Partition Type: NTFS

Computer Name: JARO-PC | User Name: Jaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/09/10 22:18:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe
PRC - [2014/07/22 22:25:45 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/04/19 05:57:44 | 000,336,952 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2012/01/14 13:34:11 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/05/20 10:26:06 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2010/10/07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/24 01:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/07/19 22:26:00 | 000,370,480 | ---- | M] (syncables, LLC) -- C:\Program Files (x86)\syncables\syncables desktop\syncables.exe
PRC - [2010/07/19 22:26:00 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe
PRC - [2010/07/10 07:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/11/03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/06/19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2009/05/06 02:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

========== Modules (No Company Name) ==========

MOD - [2014/07/22 22:25:44 | 003,800,688 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/01/18 13:21:56 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\ASUS\VirtualCamera\virtualCamera.ax
MOD - [2010/09/24 01:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2009/11/03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/08/19 00:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/05/27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/10/29 10:59:42 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/02/02 07:57:32 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011/01/25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/17 14:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2014/09/09 20:34:20 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/07/22 22:25:44 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/24 00:01:04 | 000,572,096 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/03/21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/01/14 13:34:11 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/01/07 05:06:56 | 000,053,920 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2009/12/15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2012/04/19 05:57:38 | 000,126,912 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/03/08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/29 10:59:53 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/10/29 10:59:38 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/08/17 11:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011/06/27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/10 07:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/06/07 00:07:00 | 000,231,440 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/18 11:16:46 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2011/01/07 05:07:32 | 000,279,200 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/01/07 05:07:30 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/01/07 05:07:30 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/01/07 05:07:30 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/01/07 05:07:28 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/01/07 05:07:26 | 000,298,144 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/01/07 05:07:26 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2010/12/31 12:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010/11/29 10:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/04 12:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010/11/04 12:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/02/18 18:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2010/07/26 22:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\..\SearchScopes\{48F77B9F-62FD-4EFD-8F51-7206F53B6EF9}: "URL" = http://www.mysearchresults.com/search?& ... earchTerms}
IE - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
IE - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.sk"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.65.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/10/11 16:33:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{78DADB4B-7468-4c1c-8612-00FBF356A9FF}: C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2013/07/30 17:09:48 | 000,012,301 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/22 22:25:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/22 22:25:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

[2011/07/21 20:57:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaro\AppData\Roaming\mozilla\Extensions
[2014/09/03 22:07:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jaro\AppData\Roaming\mozilla\Firefox\Profiles\rp5dphv0.default\extensions
[2014/09/02 22:26:34 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Jaro\AppData\Roaming\mozilla\firefox\profiles\rp5dphv0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/07/22 22:25:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/07/22 22:25:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/22 22:25:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/22 22:25:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2014/07/22 22:25:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/12 10:27:46 | 000,093,976 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll

O1 HOSTS File: ([2013/08/22 22:32:14 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1799708505-3246337621-3321167157-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Download video on this page - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll (Kotato)
O8:64bit: - Extra context menu item: Download video this links to - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll (Kotato)
O8 - Extra context menu item: Download video on this page - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll (Kotato)
O8 - Extra context menu item: Download video this links to - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll (Kotato)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: Download Video - {731DC20B-51DE-4681-BBB9-69593E9F99A2} - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll (Kotato)
O9 - Extra 'Tools' menuitem : Download video on this page - {731DC20B-51DE-4681-BBB9-69593E9F99A2} - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_IE.dll (Kotato)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6FF9CC92-CC32-4EB9-9421-0CFB4356991B}: DhcpNameServer = 195.80.171.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99930EF2-1F51-47BA-A6A7-32C75B8BBFFA}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\SysWOW64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWOW64\ir32_32.dll (Intel(R) Corporation)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/09/11 18:07:41 | 000,000,000 | R--D | C] -- C:\Users\Jaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/09/11 00:37:51 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/09/11 00:37:51 | 000,440,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/09/11 00:37:49 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/09/11 00:37:49 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/09/11 00:37:49 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/09/11 00:37:49 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/09/11 00:37:49 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/09/11 00:37:49 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/09/11 00:37:48 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/09/11 00:37:48 | 000,446,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/09/11 00:37:48 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/09/11 00:37:48 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/09/11 00:37:48 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/09/11 00:37:48 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/09/11 00:37:47 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/09/11 00:37:47 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/09/11 00:37:47 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/11 00:37:46 | 000,727,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/09/11 00:37:46 | 000,707,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/09/11 00:37:46 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/09/11 00:37:46 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/09/11 00:37:46 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/09/11 00:37:45 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/09/11 00:37:45 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/09/11 00:37:43 | 001,249,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/09/11 00:37:43 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/09/11 00:37:43 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/09/11 00:37:43 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/09/11 00:37:43 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/09/11 00:37:42 | 001,068,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/09/11 00:37:42 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/09/11 00:37:42 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/09/11 00:37:38 | 005,833,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/09/11 00:37:37 | 002,014,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/11 00:37:36 | 002,104,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/09/11 00:29:13 | 002,777,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2014/09/11 00:29:13 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2014/09/10 21:44:47 | 001,031,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/09/10 21:44:47 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/09/10 21:44:22 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/09/10 21:43:45 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/09/10 21:22:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe
[2014/09/04 18:02:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/09/03 22:03:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/09/03 22:00:03 | 000,000,000 | -HSD | C] -- C:\Users\Jaro\AppData\Local\EmieUserList
[2014/09/03 22:00:03 | 000,000,000 | -HSD | C] -- C:\Users\Jaro\AppData\Local\EmieSiteList
[2014/09/03 21:39:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/09/02 22:46:28 | 000,000,000 | ---D | C] -- C:\rsit
[2014/08/27 21:22:56 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/22 20:45:28 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/08/22 20:45:28 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/08/22 20:45:28 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/08/22 20:45:06 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/08/22 20:45:06 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/08/22 20:45:06 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/08/22 20:45:06 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/08/22 20:45:06 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/08/22 20:45:05 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2014/08/22 20:44:50 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/08/22 20:44:50 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/08/22 20:44:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/08/22 20:44:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/08/15 23:15:10 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe
[2014/08/15 23:15:10 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe
[2014/08/15 23:15:10 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll
[2014/08/15 23:15:10 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll
[2014/08/15 23:15:09 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll
[2014/08/15 23:15:09 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll
[2014/08/15 23:14:45 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe
[2014/08/15 23:14:45 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe
[2014/08/15 20:24:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDYAK.DLL
[2014/08/15 20:24:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDYAK.DLL
[2014/08/15 20:24:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDTAT.DLL
[2014/08/15 20:24:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDTAT.DLL
[2014/08/15 20:24:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU1.DLL
[2014/08/15 20:24:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDBASH.DLL
[2014/08/15 20:24:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU1.DLL
[2014/08/15 20:24:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDRU.DLL
[2014/08/15 20:24:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KBDRU.DLL
[2014/08/15 20:24:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\KBDBASH.DLL
[2014/08/15 20:23:29 | 003,241,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/08/15 20:23:28 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/08/15 20:23:28 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/08/15 20:23:28 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/08/15 20:23:28 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/08/15 20:23:28 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2014/08/15 20:21:04 | 001,216,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/09/11 18:24:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/11 18:21:33 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/09/11 18:13:14 | 002,861,910 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/11 18:13:14 | 002,200,488 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/11 18:13:14 | 000,006,454 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/11 18:12:15 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/11 18:12:15 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/11 18:07:34 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2014/09/11 18:07:32 | 000,000,035 | ---- | M] () -- C:\Users\Public\Documents\AtherosServiceConfig.ini
[2014/09/11 18:07:28 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/11 18:06:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/11 18:06:17 | 2903,236,608 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/11 00:34:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/10 22:18:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jaro\Desktop\OTL.exe
[2014/09/09 20:34:18 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/09 20:34:17 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/05 21:13:58 | 000,001,552 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2014/09/03 22:03:35 | 001,370,467 | ---- | M] () -- C:\Users\Jaro\Desktop\adwcleaner_3.309.exe
[2014/09/02 22:46:07 | 001,222,144 | ---- | M] () -- C:\Users\Jaro\Desktop\RSITx64.exe
[2014/08/28 23:51:24 | 000,118,152 | ---- | M] () -- C:\Users\Jaro\Desktop\Orange_doklad_FR_20140827_CN0032315780_32830216656.pdf
[2014/08/28 20:33:58 | 000,288,384 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/23 04:07:00 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2014/08/19 00:29:35 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/08/19 00:19:53 | 005,833,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/08/19 00:15:34 | 000,547,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/08/19 00:15:09 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/08/19 00:14:38 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/08/19 00:14:10 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/08/19 00:08:08 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/08/19 00:05:01 | 000,596,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/08/19 00:03:47 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/08/19 00:03:37 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/08/19 00:03:01 | 000,758,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/08/18 23:56:17 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/08/18 23:51:29 | 000,446,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/08/18 23:45:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/08/18 23:45:12 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/08/18 23:44:44 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/08/18 23:44:09 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/08/18 23:40:29 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/08/18 23:39:19 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/08/18 23:39:13 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/08/18 23:38:12 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/08/18 23:37:17 | 000,440,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/08/18 23:36:07 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/08/18 23:35:24 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/08/18 23:25:40 | 000,727,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/08/18 23:25:16 | 000,707,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/08/18 23:23:17 | 002,104,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/08/18 23:23:16 | 001,249,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/08/18 23:22:48 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/08/18 23:19:16 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/08/18 23:17:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/08/18 23:08:54 | 002,014,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/08/18 23:07:44 | 001,068,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/08/18 22:38:41 | 000,775,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/08/18 22:36:30 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/09/10 21:31:21 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/09/03 22:03:23 | 001,370,467 | ---- | C] () -- C:\Users\Jaro\Desktop\adwcleaner_3.309.exe
[2014/09/02 22:45:58 | 001,222,144 | ---- | C] () -- C:\Users\Jaro\Desktop\RSITx64.exe
[2014/09/01 22:04:53 | 000,118,152 | ---- | C] () -- C:\Users\Jaro\Desktop\Orange_doklad_FR_20140827_CN0032315780_32830216656.pdf
[2014/07/22 23:30:19 | 000,000,290 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/03/10 19:20:44 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Core Data Application
[2013/03/10 19:20:44 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Contextual Menu Items
[2013/03/10 19:20:44 | 000,000,268 | RH-- | C] () -- C:\Users\Jaro\AppData\Roaming\Configure Folder Actions
[2013/03/10 19:20:44 | 000,000,268 | RH-- | C] () -- C:\Users\Jaro\AppData\Roaming\Conditionals
[2013/03/10 19:20:44 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2013/03/10 19:20:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Contents
[2013/03/10 19:20:43 | 000,000,268 | RH-- | C] () -- C:\Users\Jaro\AppData\Roaming\Compressor
[2013/03/10 19:20:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2013/03/10 19:20:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/10/21 19:53:16 | 000,000,115 | ---- | C] () -- C:\Windows\wininit.ini
[2012/01/14 14:27:23 | 000,007,605 | ---- | C] () -- C:\Users\Jaro\AppData\Local\Resmon.ResmonCfg
[2011/07/23 18:31:32 | 000,013,312 | ---- | C] () -- C:\Users\Jaro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/12 16:44:17 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/25 04:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/25 03:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

jaruzo · #14 Příspěvek od **jaruzo** » 11 zář 2014 18:20

OTL.Txt

[2014/05/11 14:53:16 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\.minecraft
[2011/08/11 20:28:44 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Arkadium
[2014/07/20 19:15:39 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Asus WebStorage
[2014/07/22 23:34:46 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\DVDVideoSoft
[2013/05/11 12:08:55 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\EeeStorageUploader
[2012/02/11 22:00:30 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\GetRightToGo
[2012/10/21 13:25:00 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\IrfanView
[2012/03/24 13:52:43 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\KoshyJohn.com
[2014/07/28 20:55:36 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Kotato
[2013/03/10 19:31:51 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Nikon
[2011/07/21 22:50:34 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Nuance
[2012/01/14 12:27:58 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Origin
[2013/12/14 21:20:43 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\PhotoScape
[2011/10/28 23:15:53 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\PlayFirst
[2012/04/25 23:01:44 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\PowerISO
[2013/08/21 22:15:23 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Radiocom
[2013/01/12 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\skyz
[2014/09/11 00:28:20 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\SoftGrid Client
[2011/07/22 23:57:46 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\TP
[2013/05/04 20:32:58 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\uTorrent
[2011/07/21 22:50:32 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Zeon

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009/07/14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 07:08:49 | 000,032,542 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/02 07:16:38 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/04/13 22:07:10 | 000,000,928 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/04/13 22:07:12 | 000,000,932 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010/11/20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010/11/20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010/11/20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/04/05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012/10/03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2011/09/29 19:41:37 | 001,912,176 | ---- | M] (Microsoft Corporation) MD5=3810F06A4D74A7D62641EE73D6B3C660 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[2013/05/08 08:14:42 | 001,900,392 | ---- | M] (Microsoft Corporation) MD5=3E94650745D4DAB67E161F5F32CEA597 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_11d29984961f0be0\tcpip.sys
[2013/09/08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014/04/05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010/11/20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013/09/07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012/08/22 20:06:13 | 001,901,936 | ---- | M] (Microsoft Corporation) MD5=7880A26B7D3B96FDA8EFD9F985036B1D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_117a13de9661c145\tcpip.sys
[2012/03/30 12:26:36 | 001,901,424 | ---- | M] (Microsoft Corporation) MD5=885B202006EE17AE99B9FBCEC9AF88C9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_11a27a8e9643d23a\tcpip.sys
[2011/04/25 07:33:51 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=92CE29D95AC9DD2D0EE9061D551BA250 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[2013/05/08 08:39:01 | 001,910,632 | ---- | M] (Microsoft Corporation) MD5=9849EA3843A2ADBDD1497E97A85D8CAE -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_11278ac57d1aa96b\tcpip.sys
[2011/06/21 08:20:30 | 001,914,752 | ---- | M] (Microsoft Corporation) MD5=A0EB71E0DC047C7CC95CD6AB4036296E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[2012/03/30 13:35:47 | 001,918,320 | ---- | M] (Microsoft Corporation) MD5=ACB82BDA8F46C84F465C1AFA517DC4B9 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_114ceccb7cff740d\tcpip.sys
[2013/07/06 07:20:38 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013/01/03 08:00:54 | 001,913,192 | ---- | M] (Microsoft Corporation) MD5=B62A953F2BF3922C8764A29C34A22899 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_112187237d20143a\tcpip.sys
[2011/04/25 08:16:34 | 001,927,552 | ---- | M] (Microsoft Corporation) MD5=B77977AEB2FF159D01DB08A309989C5F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[2013/01/04 07:47:43 | 001,901,416 | ---- | M] (Microsoft Corporation) MD5=B8C1AAC0523E1C33AEB0EF7572144BA2 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_11dd678a9616f2c8\tcpip.sys
[2012/10/03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013/07/06 08:03:53 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys
[2011/06/21 08:34:00 | 001,923,968 | ---- | M] (Microsoft Corporation) MD5=F0E98C00A09FDF791525829A1D14240F -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[2013/11/26 13:34:34 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=F55B41AA6114568AC558ADBABDA85620 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_11c3cc3c962abcc3\tcpip.sys
[2012/08/22 20:12:50 | 001,913,200 | ---- | M] (Microsoft Corporation) MD5=F782CAD3CEDBB3F9FFE3BF2775D92DDC -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_113380f37d117668\tcpip.sys
[2011/09/29 18:29:28 | 001,923,952 | ---- | M] (Microsoft Corporation) MD5=FC62769E7BFF2896035AEED399108162 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014/03/04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014/03/04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[33 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\System32\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[1 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[1 C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp files -> C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\*.tmp -> ]
[78 C:\Windows\temp\*.tmp files -> C:\Windows\temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/05/11 14:53:16 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\.minecraft
[2012/10/19 20:08:28 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Adobe
[2011/08/11 20:28:44 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Arkadium
[2014/07/20 19:15:39 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Asus WebStorage
[2011/08/11 18:36:40 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\ATI
[2011/07/23 00:29:22 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\CyberLink
[2014/07/22 23:34:46 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\DVDVideoSoft
[2013/05/11 12:08:55 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\EeeStorageUploader
[2011/07/21 22:50:37 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\FLEXnet
[2012/02/11 22:00:30 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\GetRightToGo
[2011/07/21 20:46:52 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Identities
[2012/10/21 13:25:00 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\IrfanView
[2012/03/24 13:52:43 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\KoshyJohn.com
[2014/07/28 20:55:36 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Kotato
[2011/07/21 20:59:35 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Macromedia
[2009/07/14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Media Center Programs
[2013/01/18 18:03:41 | 000,000,000 | --SD | M] -- C:\Users\Jaro\AppData\Roaming\Microsoft
[2011/07/21 20:57:57 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Mozilla
[2013/03/10 19:31:51 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Nikon
[2011/07/21 22:50:34 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Nuance
[2012/01/14 12:27:58 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Origin
[2013/12/14 21:20:43 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\PhotoScape
[2011/10/28 23:15:53 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\PlayFirst
[2012/04/25 23:01:44 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\PowerISO
[2013/08/21 22:15:23 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Radiocom
[2012/10/21 13:25:53 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Real
[2011/08/04 20:09:50 | 000,000,000 | RH-D | M] -- C:\Users\Jaro\AppData\Roaming\SecuROM
[2014/09/11 18:08:17 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Skype
[2013/01/12 20:33:14 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\skyz
[2014/09/11 00:28:20 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\SoftGrid Client
[2011/07/22 23:57:46 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\TP
[2013/05/04 20:32:58 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\uTorrent
[2011/07/31 22:38:31 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\WinRAR
[2011/07/21 22:50:32 | 000,000,000 | ---D | M] -- C:\Users\Jaro\AppData\Roaming\Zeon

< %APPDATA%\*.exe /s >
[2014/07/20 19:15:40 | 000,087,376 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\Jaro\AppData\Roaming\Asus WebStorage\EeeStorageUpdate.EXE
[2014/07/20 21:22:39 | 006,403,605 | ---- | M] (eCareme Technologies, Inc.) -- C:\Users\Jaro\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.108.222.exe
[2013/06/09 15:45:50 | 016,333,592 | ---- | M] (ASUS Cloud Corporation) -- C:\Users\Jaro\AppData\Roaming\Asus WebStorage\Update\ASUSWebStorage3.0.143.296.exe
[2011/12/06 06:18:36 | 000,785,489 | ---- | M] (KoshyJohn.com) -- C:\Users\Jaro\AppData\Roaming\KoshyJohn.com\MemClean\MemClean.exe
[2011/08/31 22:54:10 | 000,088,102 | R--- | M] () -- C:\Users\Jaro\AppData\Roaming\Microsoft\Installer\{0CAE2FF0-AFC9-733D-EC3C-04BCB6B3C06F}\ARPPRODUCTICON.exe
[2013/03/10 19:21:42 | 000,057,344 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Jaro\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
[2012/11/15 23:15:39 | 007,217,800 | ---- | M] (Power Software Ltd) -- C:\Users\Jaro\AppData\Roaming\PowerISO\Upgrade\PowerISO5.exe
[2012/08/10 18:02:21 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jaro\AppData\Roaming\Real\Update\temp\~Upg0\rnupgagent.exe
[2012/08/19 18:23:49 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jaro\AppData\Roaming\Real\Update\temp\~Upg1\rnupgagent.exe
[2012/09/24 20:38:40 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jaro\AppData\Roaming\Real\Update\temp\~Upg2\rnupgagent.exe
[2012/09/24 20:38:40 | 000,449,176 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jaro\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe
[2012/09/24 23:39:26 | 027,433,440 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jaro\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\stub_data\RealPlayer.exe
[2012/09/24 23:39:07 | 000,760,128 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Jaro\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\stub_exe\RealPlayer.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2014/09/11 18:34:16 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2014/09/11 18:07:28 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2014/09/11 18:24:00 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2014/09/09 20:34:18 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerApp.exe
[2014/09/09 20:34:17 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\FlashPlayerCPLApp.cpl
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< *crack* /s >
[2013/11/30 16:47:07 | 000,000,124 | ---- | M] () -- \Program Files (x86)\Valve\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo\materials\sprites\store\trails\crackedbeam.vmt
[2013/11/30 16:47:07 | 000,022,080 | ---- | M] () -- \Program Files (x86)\Valve\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo\materials\sprites\store\trails\crackedbeam.vtf
[2013/11/30 15:16:33 | 000,000,776 | ---- | M] () -- \Users\Jaro\AppData\Roaming\Microsoft\Windows\Recent\Euro-Truck-Simulator-2--V-1.3.1+key+patch+crack+mody.lnk
[2003/07/02 23:28:26 | 000,012,841 | ---- | M] () -- \Users\Jaro\Downloads\Delta Force 1(fullypcgames.blogspot.com\dfcdcrack.zip

< *keygen* /s >

< *AntiWPA* /s >

< *loader* /s >
[2010/09/17 10:58:44 | 000,012,976 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Common\UI\MiniBrowser.cmpt\resources\loader.js
[2010/09/17 10:58:44 | 000,000,608 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Common\UI\MiniBrowser.cmpt\resources\en-us.lproj\loader.html
[2010/09/17 10:33:10 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\32bit\utilGenericLoader.dll
[2010/09/17 10:33:10 | 000,030,864 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\SupportTool\64bit\utilGenericLoader.dll
[2010/09/30 18:56:42 | 000,003,671 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\DA-DK\loader.html
[2010/09/30 18:56:44 | 000,003,709 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\DE-DE\loader.html
[2010/09/30 18:56:42 | 000,003,664 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\EN-US\loader.html
[2010/09/30 18:56:44 | 000,003,657 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ES-ES\loader.html
[2010/09/30 18:56:46 | 000,003,673 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\FR-CA\loader.html
[2010/09/30 18:56:46 | 000,003,673 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\FR-FR\loader.html
[2010/09/30 18:56:46 | 000,003,692 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\IT-IT\loader.html
[2010/09/30 18:56:48 | 000,003,730 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\JA-JP\loader.html
[2010/09/30 18:56:48 | 000,003,711 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\KO-KR\loader.html
[2010/09/30 18:56:50 | 000,003,677 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\NB-NO\loader.html
[2010/09/30 18:56:50 | 000,003,670 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\NL-NL\loader.html
[2010/09/30 18:56:50 | 000,003,679 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\PT-BR\loader.html
[2010/09/30 18:56:52 | 000,003,762 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\RU-RU\loader.html
[2010/09/30 18:56:52 | 000,003,670 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\SV-SE\loader.html
[2010/09/30 18:56:52 | 000,003,682 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\TR-TR\loader.html
[2010/09/30 18:56:54 | 000,003,650 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ZH-CN\loader.html
[2010/09/30 18:56:54 | 000,003,650 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1710v0.0.0l1p-1r1o1\LocalHelp\ZH-TW\loader.html
[2010/09/17 10:32:56 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\UCPlugin\c17t1725v0.0.0l1p1r1o1\utilGenericLoader.dll
[2010/09/17 10:33:10 | 000,024,160 | ---- | M] () -- \eSupport\eDriver\Software\Trendmicro\TIS2011\Win7_32_Win7_64_3.0\Vizor32\utilGenericLoader.dll
[2010/03/16 03:48:38 | 000,079,184 | ---- | M] () -- \Program Files (x86)\ASUS\ASUS WebStorage\EeeStorageUploader.exe
[2010/06/22 14:00:02 | 000,710,144 | ---- | M] () -- \Program Files (x86)\Common Files\Nikon\Nikon File Uploader 2\NkFileUploader2.exe
[2010/06/22 13:59:38 | 000,012,800 | ---- | M] () -- \Program Files (x86)\Common Files\Nikon\Nikon File Uploader 2\NkFileUploader2Lang.dll
[2014/07/21 15:08:34 | 001,355,776 | ---- | M] () -- \Program Files (x86)\Kotato\YouTube Downloader\YouTubeDownloader.exe
[2005/09/19 12:30:30 | 000,001,825 | R--- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI\aiLoaderInactive.xs
[2005/09/19 12:30:30 | 000,001,575 | R--- | M] () -- \Program Files (x86)\Microsoft Games\Age of Empires III\AI\aiLoaderStandard.xs
[2013/10/23 22:07:40 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Valve\Steam\remoteui\static\libs\images\ajax-loader.gif
[2006/12/05 21:30:06 | 000,094,208 | ---- | M] () -- \Program Files (x86)\YouTube Video Downloader\YoutubeDownloader.exe
[2011/05/28 22:04:02 | 000,054,784 | ---- | M] () -- \Program Files\WinRAR\Formats\ace32loader.exe
[2014/07/22 23:36:52 | 000,001,261 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012/10/11 16:33:18 | 000,012,512 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012/10/11 16:33:18 | 000,000,319 | ---- | M] () -- \ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/10/21 19:54:02 | 000,000,530 | ---- | M] () -- \ProgramData\Spybot - Search & Destroy\Recovery\WinDownloaderbltu.zip
[2014/07/22 23:36:52 | 000,001,261 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\YouTube Downloader\YouTube Downloader.lnk
[2012/10/11 16:33:18 | 000,012,512 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.js
[2012/10/11 16:33:18 | 000,000,319 | ---- | M] () -- \Users\All Users\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\Chrome\Content\browserrecordloader.xul
[2012/10/21 19:54:02 | 000,000,530 | ---- | M] () -- \Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloaderbltu.zip
[2014/03/16 21:56:47 | 000,001,870 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4BBTFJRD\AdLoader[1].htm
[2014/04/09 20:22:33 | 000,000,723 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4BBTFJRD\downloaderror[1].js
[2014/04/09 20:22:33 | 000,001,174 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4BBTFJRD\downloader[1].js
[2014/03/16 21:56:47 | 000,112,122 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\AdLoader-7b473315d0084c71df83cdee72aab144.min[1].js
[2014/09/09 20:59:05 | 000,018,715 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\AdLoader-a5fa12058ddb9a8919d6906ba95d7c57.min[1].js
[2014/07/02 10:16:43 | 000,001,980 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\AdLoader[1].htm
[2014/09/09 20:59:05 | 000,001,980 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SPICX5UW\AdLoader[3].htm
[2014/05/29 21:40:57 | 000,001,980 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TMS5TEDJ\AdLoader[1].htm
[2014/08/30 21:32:32 | 000,018,544 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTTYL9JJ\AdLoader-0ee9685baf8ff395a7119d551063e2d4.min[1].js
[2014/05/29 21:40:57 | 000,017,912 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTTYL9JJ\AdLoader-3b8e790904fffcf74f96367cd382e261.min[1].js
[2014/04/27 19:17:50 | 000,001,870 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTTYL9JJ\AdLoader[1].htm
[2014/09/03 22:00:29 | 000,002,942 | ---- | M] () -- \Users\Jaro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\821R2VV3\rmsloaderdelayed[1].js
[2014/07/01 11:46:16 | 000,072,638 | ---- | M] () -- \Users\Jaro\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/07/01 11:46:16 | 000,003,032 | ---- | M] () -- \Users\Jaro\AppData\Local\Skype\Apps\login\images\loader.png
[2014/07/01 11:46:16 | 000,006,012 | ---- | M] () -- \Users\Jaro\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/07/01 11:46:16 | 000,021,956 | ---- | M] () -- \Users\Jaro\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/07/01 11:46:16 | 000,009,772 | ---- | M] () -- \Users\Jaro\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/07/18 00:50:51 | 000,000,629 | ---- | M] () -- \Users\Jaro\AppData\Local\Temp\DVDVideoSoft\freeytmp3downloader.htm
[2014/07/18 00:50:51 | 000,000,615 | ---- | M] () -- \Users\Jaro\AppData\Local\Temp\DVDVideoSoft\freeytvdownloader.htm
[2014/07/18 00:50:51 | 000,002,796 | ---- | M] () -- \Users\Jaro\AppData\Local\Temp\DVDVideoSoft\youtube_mp3_downloader_32_32.png
[2014/07/18 00:50:51 | 000,002,641 | ---- | M] () -- \Users\Jaro\AppData\Local\Temp\DVDVideoSoft\youtube_video_downloader_32_32.png
[2012/09/12 19:59:50 | 000,012,269 | ---- | M] () -- \Users\Jaro\AppData\Roaming\Adobe\.minecraft\ForgeModLoader-0.log
[2012/09/10 18:11:46 | 000,012,409 | ---- | M] () -- \Users\Jaro\AppData\Roaming\Adobe\.minecraft\ForgeModLoader-1.log
[2012/09/10 18:10:38 | 000,012,354 | ---- | M] () -- \Users\Jaro\AppData\Roaming\Adobe\.minecraft\ForgeModLoader-2.log
[2012/09/14 20:07:00 | 000,001,152 | ---- | M] () -- \Users\Jaro\AppData\Roaming\Adobe\.minecraft\ModLoader.txt
[2012/09/14 17:26:03 | 000,000,127 | ---- | M] () -- \Users\Jaro\AppData\Roaming\Adobe\.minecraft\config\ModLoader.cfg
[2014/07/16 13:33:52 | 000,004,856 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\backup\FreeYTVDownloaderProfile.xml
[2014/07/22 23:34:37 | 000,001,408 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader\FreeYTVDownloader.reg
[2014/07/22 23:34:46 | 000,095,229 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\logs\FreeYTVDownloader_uninstall.txt
[2014/07/22 23:24:45 | 000,127,437 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra1.log
[2014/07/22 23:24:35 | 000,459,239 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_extra2.log
[2014/07/19 11:09:29 | 000,008,294 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_mui.log
[2014/07/19 11:09:29 | 000,045,138 | ---- | M] () -- \Users\Jaro\AppData\Roaming\DVDVideoSoft\logs\YTVDownloader_mui_wch.log
[2014/07/22 23:36:52 | 000,001,243 | ---- | M] () -- \Users\Public\Desktop\YouTube Downloader.lnk
[2014/09/11 18:08:56 | 000,134,680 | ---- | M] () -- \Windows\Prefetch\EEESTORAGEUPLOADER.EXE-1175A164.pf
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009/07/14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009/07/14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:04:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:44:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_68ce27a99276afec\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:21:03 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_68a9b6bd92929e63\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:38:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:38:48 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:00:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:40:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_694ff566ab99b7ac\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 07:12:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_691eb3faabbf8f66\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 20:09:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 07:32:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_6971452eab80a50e\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 07:11:20 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_692597a0abb965cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 07:37:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2009/07/14 07:37:37 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.efi.mui_35ee487d
[2009/07/14 07:37:37 | 000,033,344 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winload.exe.mui_3bc5b827
[2009/07/14 07:37:37 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.efi.mui_f412814e
[2009/07/14 07:37:37 | 000,029,760 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a_winresume.exe.mui_ff8b5358
[2011/07/23 16:10:05 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/07/23 16:10:06 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2011/07/23 16:10:06 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2011/07/23 16:10:06 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2011/07/23 16:10:06 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009/07/14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2009/07/14 04:44:20 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2010/11/20 06:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011/02/05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011/02/05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009/07/14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 08:13:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 07:47:28 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17625_none_0caf8c25da193eb6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/05/14 09:15:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/06/03 08:56:06 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21738_none_0d3159e2f33c4676\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/07/16 06:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/08/20 19:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 06:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/07/08 06:59:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22379_none_0d06fc1cf35bf496\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >

< *serial* /s >
[2014/05/13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/24 01:17:12 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/06/22 13:40:05 | 000,712,704 | ---- | M] () -- \Program Files (x86)\Valve\Steam\SteamApps\common\Team Fortress 2\bin\dmserializers.dll
[2010/04/15 04:20:46 | 000,415,592 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.dll
[2010/04/15 04:20:46 | 000,141,168 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Runtime.Serialization.Json.dll
[2010/04/15 04:20:46 | 000,321,376 | ---- | M] () -- \Program Files (x86)\Windows Live\Mesh\System.Xml.Serialization.dll
[2014/05/13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/07/24 01:18:34 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/11 00:24:01 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/06/24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/09/11 18:34:20 | 002,347,008 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\00c35eb74751496223e687c7f827836b\System.Runtime.Serialization.ni.dll
[2014/09/11 18:11:20 | 000,310,784 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\98ef60dc57d7118bcfada88a10a9f9c8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/08/16 14:09:51 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\3145191cc18ac203c38cb3708d914ddd\System.Runtime.Serialization.ni.dll
[2014/09/11 18:36:45 | 003,073,536 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\42223d4a72c5689046f135df444d6981\System.Runtime.Serialization.ni.dll
[2014/09/11 18:26:20 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5308caa4ad872301e40b3d9ec8bf9037\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/08/16 13:45:34 | 000,396,288 | ---- | M] () -- \Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\63db8473882e5b945c5da27a45c4ee31\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/27 02:09:13 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/27 02:09:13 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\abb3fbf787b74b7d2513a8c409b5ef74\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/09/11 00:40:52 | 000,309,760 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/09/11 00:40:52 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runt9064068c#\e67230bbca0858b6ff4caccfb4595fa8\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/09/11 00:41:28 | 002,822,144 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\c2d1735e9f72e974cd34063a714a309f\System.Runtime.Serialization.ni.dll
[2014/09/11 00:41:28 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\c2d1735e9f72e974cd34063a714a309f\System.Runtime.Serialization.ni.dll.aux
[2014/02/27 02:09:58 | 002,825,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
[2014/02/27 02:09:58 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll.aux
[2014/02/27 08:58:16 | 000,026,624 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll
[2014/02/27 08:58:16 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.84e525b7#\94ce7a3b39b335283a0087f9964e9099\System.Xml.Serialization.ni.dll.aux
[2014/02/27 09:07:33 | 000,376,832 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/02/27 09:07:33 | 000,000,580 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\3b1e2119f9cdfbc454bf08eb1ed9f023\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/02/27 09:12:06 | 003,640,320 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
[2014/02/27 09:12:06 | 000,001,308 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll.aux
[2014/02/27 09:19:30 | 000,028,672 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll
[2014/02/27 09:19:30 | 000,000,376 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.84e525b7#\7c4a5c747f2dcdac0329022b43a7be6b\System.Xml.Serialization.ni.dll.aux
[2013/09/11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.amd64
[2013/09/11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll.x86
[2013/09/11 23:33:38 | 001,052,320 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\BE4EBED704B66673BB53C5BB3C58AD73\4.5.50938\System.Runtime.Serialization.dll_gac_x86
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2014/06/24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2014/07/11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/23 01:17:44 | 001,050,840 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/09/11 23:33:38 | 000,133,344 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/09/11 22:21:54 | 000,022,208 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/09/11 22:21:54 | 000,022,176 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/09/11 22:21:54 | 000,036,480 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/09/11 22:21:54 | 000,022,656 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2014/07/14 05:53:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ar-sa_da645b15477ad9eb.manifest
[2014/07/14 06:02:27 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_cs-cz_342c98db84249bf9.manifest
[2014/07/14 06:06:27 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_da-dk_62279955a1ab0e32.manifest
[2014/07/14 05:56:22 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_de-de_626c7a05a176cbe8.manifest
[2014/07/14 05:52:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_el-gr_8f51c7b5bfc9c04a.manifest
[2014/07/14 06:02:31 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_es-es_8f4df603bfcb934e.manifest
[2014/07/14 06:05:56 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_fi-fi_bd1ae931dd735bf4.manifest
[2014/07/14 05:56:04 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_fr-fr_bcc29c7fddb43b7c.manifest
[2014/07/14 05:55:44 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_he-il_17cc27e0196f027e.manifest
[2014/07/14 06:06:17 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_hu-hu_177adb4e19a99640.manifest
[2014/07/14 06:02:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_it-it_44ef81ca37923e6e.manifest
[2014/07/14 06:01:05 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ja-jp_727292d65572caab.manifest
[2014/07/14 06:06:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ko-kr_9fd5cde4736642c5.manifest
[2014/07/14 05:52:14 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_nb-no_2829be74cd293de9.manifest
[2014/07/14 06:02:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_nl-nl_2854311ccd07e77c.manifest
[2014/07/14 06:06:57 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_pl-pl_8329ded108e7a268.manifest
[2014/07/14 06:02:11 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_pt-br_82f0e70509113ca4.manifest
[2014/07/14 05:59:37 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_pt-pt_82db61c109214ca8.manifest
[2014/07/14 06:02:09 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_ru-ru_dda73fd345083cdc.manifest
[2014/07/14 05:55:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_sv-se_0bc015b762757499.manifest
[2014/07/14 05:55:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_tr-tr_389a5c6d80d257f0.manifest
[2014/07/14 06:03:57 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_zh-cn_493c76ac345a5d09.manifest
[2014/07/14 06:03:57 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_zh-tw_48db47a634a32819.manifest
[2014/07/14 06:05:41 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ar-sa_c3979db361216d3a.manifest
[2014/07/14 06:06:58 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_cs-cz_1d5fdb799dcb2f48.manifest
[2014/07/14 06:10:34 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_da-dk_4b5adbf3bb51a181.manifest
[2014/07/14 06:09:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_de-de_4b9fbca3bb1d5f37.manifest
[2014/07/14 06:03:01 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_el-gr_78850a53d9705399.manifest
[2014/07/14 06:11:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_es-es_788138a1d972269d.manifest
[2014/07/14 06:11:35 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_fi-fi_a64e2bcff719ef43.manifest
[2014/07/14 06:02:38 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_fr-fr_a5f5df1df75acecb.manifest
[2014/07/14 06:04:14 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_he-il_00ff6a7e331595cd.manifest
[2014/07/14 06:03:42 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_hu-hu_00ae1dec3350298f.manifest
[2014/07/14 06:09:49 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_it-it_2e22c4685138d1bd.manifest
[2014/07/14 06:13:29 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ja-jp_5ba5d5746f195dfa.manifest
[2014/07/14 06:13:12 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ko-kr_890910828d0cd614.manifest
[2014/07/14 06:09:50 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_nb-no_115d0112e6cfd138.manifest
[2014/07/14 06:05:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_nl-nl_118773bae6ae7acb.manifest
[2014/07/14 06:10:32 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_pl-pl_6c5d216f228e35b7.manifest
[2014/07/14 06:12:27 | 000,001,635 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_pt-br_6c2429a322b7cff3.manifest
[2014/07/14 06:02:06 | 000,001,632 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_pt-pt_6c0ea45f22c7dff7.manifest
[2014/07/14 06:08:19 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_ru-ru_c6da82715eaed02b.manifest
[2014/07/14 06:12:10 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_sv-se_f4f358557c1c07e8.manifest
[2014/07/14 06:04:36 | 000,001,626 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_tr-tr_21cd9f0b9a78eb3f.manifest
[2014/07/14 06:05:37 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_zh-cn_326fb94a4e00f058.manifest
[2014/07/14 06:05:37 | 000,001,638 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9855831b512151c0fcf3328bb454d77a\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_zh-tw_320e8a444e49bb68.manifest
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\System32\serialui.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_neutral_fdcfb86ce78678d1\serial.sys
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\smartcrd.inf_amd64_neutral_6fb75ea318f84fe5\grserial.sys
[2009/08/03 22:14:41 | 000,005,120 | ---- | M] () -- \Windows\System32\sk-SK\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[1 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009/08/03 22:14:41 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\sk-SK\serialui.dll.mui
[2009/08/03 22:14:39 | 000,005,120 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552\serialui.dll.mui
[2009/07/14 03:41:54 | 000,017,920 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360\serialui.dll
[2009/07/14 04:30:28 | 000,010,240 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf.resources_31bf3856ad364e35_6.1.7600.16385_en-us_64015f894ce7c72a\serial.sys.mui
[2009/07/14 02:00:40 | 000,094,208 | ---- | M] () -- \Windows\winsxs\amd64_msports.inf_31bf3856ad364e35_6.1.7600.16385_none_548ca258d20f4ada\serial.sys
[2009/06/10 22:40:06 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_a9d1bee515273f56\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:09 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_a9a7e561157d82e9\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:05 | 000,131,072 | ---- | M] () -- \Windows\winsxs\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_92db3ec72f23fc97\System.Runtime.Serialization.Formatters.Soap.dll
[2009/06/10 22:37:50 | 000,038,400 | ---- | M] () -- \Windows\winsxs\amd64_smartcrd.inf_31bf3856ad364e35_6.1.7600.16385_none_ce9ed3064deed3aa\grserial.sys
[2010/11/05 03:52:16 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722\System.Runtime.Serialization.dll
[2012/10/05 12:52:38 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b\System.Runtime.Serialization.dll
[2014/03/09 23:48:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff\System.Runtime.Serialization.dll
[2014/07/11 00:24:02 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53\System.Runtime.Serialization.dll
[2014/03/17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad\System.Runtime.Serialization.dll
[2014/07/08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704\System.Runtime.Serialization.dll
[2010/11/05 03:52:08 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb\System.Runtime.Serialization.dll
[2012/10/05 12:52:37 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4\System.Runtime.Serialization.dll
[2014/03/09 23:48:50 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98\System.Runtime.Serialization.dll
[2014/07/11 00:24:01 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e\System.Runtime.Serialization.dll
[2012/10/05 12:56:11 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec\System.Runtime.Serialization.dll
[2014/03/17 16:38:51 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846\System.Runtime.Serialization.dll
[2014/07/08 01:36:29 | 000,847,872 | ---- | M] () -- \Windows\winsxs\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d\System.Runtime.Serialization.dll
[2011/07/23 16:11:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/07/23 16:11:45 | 000,017,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8_kdcom.dll_db5e7744
[2009/08/03 22:15:03 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_d5f23af62a751552_serialui.dll.mui_7d29d2a3
[2009/07/14 04:57:29 | 000,017,920 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_50f69335385bc360_serialui.dll_bea29328
[2009/08/03 22:15:03 | 000,005,120 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c_serialui.dll.mui_7d29d2a3
[2009/07/14 04:58:37 | 000,015,360 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a_serialui.dll_bea29328
[2009/07/14 04:15:17 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7600.16385_none_6daa7ec5c65bf5bc.manifest
[2011/02/05 19:35:45 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.17556_none_6fb25371c3691bc8.manifest
[2011/02/05 15:11:05 | 000,002,766 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.1.7601.21655_none_703aeff2dc87a23b.manifest
[2009/07/14 04:11:30 | 000,000,868 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.1.7600.16385_none_88b1c48f2026fe3f.manifest
[2010/11/20 06:21:24 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17514_none_5918bfde74e3f722.manifest
[2012/10/05 20:18:30 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.17966_none_591d933074dfaa5b.manifest
[2014/07/02 08:30:52 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18523_none_5919d8d674e2f3ff.manifest
[2014/07/14 04:24:48 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.18532_none_591aefe874e1f3b5.manifest
[2012/10/05 20:10:31 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22126_none_424bee728e8a9f53.manifest
[2014/07/02 08:30:44 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22733_none_424d323c8e896dad.manifest
[2014/07/14 04:13:57 | 000,002,237 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.1.7601.22743_none_424e32868e888704.manifest
[2010/11/20 06:22:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_93efcca8c8dbf1bb.manifest
[2012/10/05 20:19:07 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_93f49ffac8d7a4f4.manifest
[2014/07/02 08:31:00 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_93f0e5a0c8daee98.manifest
[2014/07/14 04:24:58 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_93f1fcb2c8d9ee4e.manifest
[2012/10/05 20:11:10 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_7d22fb3ce28299ec.manifest
[2014/07/02 08:30:53 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_7d243f06e2816846.manifest
[2014/07/14 04:14:06 | 000,002,262 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_7d253f50e280819d.manifest
[2010/11/20 05:06:16 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c.manifest
[2012/10/05 19:15:39 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285.manifest
[2014/07/02 07:57:49 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29.manifest
[2014/07/14 04:04:09 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf.manifest
[2012/10/05 19:17:50 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d.manifest
[2014/07/02 08:07:46 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7.manifest
[2014/07/14 04:04:27 | 000,002,226 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e.manifest
[2009/07/14 04:42:40 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7600.16385_en-us_8f71d563bf7aa3c2.manifest
[2012/10/05 20:09:41 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.17966_en-us_8f4bb639bfcd9db1.manifest
[2014/07/02 08:12:55 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18523_en-us_8f47fbdfbfd0e755.manifest
[2014/07/14 04:07:18 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.18532_en-us_8f4912f1bfcfe70b.manifest
[2012/10/05 19:57:17 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22126_en-us_787a117bd97892a9.manifest
[2014/07/02 08:12:12 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22733_en-us_787b5545d9776103.manifest
[2014/07/14 03:56:59 | 000,000,531 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.1.7601.22743_en-us_787c558fd9767a5a.manifest
[2010/11/20 05:05:38 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f.manifest
[2012/10/05 19:15:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8.manifest
[2014/07/02 08:00:03 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c.manifest
[2014/07/14 04:06:40 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12.manifest
[2012/10/05 19:17:15 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0.manifest
[2014/07/02 08:10:04 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a.manifest
[2014/07/14 04:06:53 | 000,001,985 | ---- | M] () -- \Windows\winsxs\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061.manifest
[2010/11/20 05:10:46 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1.manifest
[2012/10/05 19:19:53 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa.manifest
[2014/07/02 07:58:58 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e.manifest
[2014/07/14 04:05:25 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754.manifest
[2012/10/05 19:22:10 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2.manifest
[2014/07/02 08:08:55 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c.manifest
[2014/07/14 04:05:41 | 000,002,260 | ---- | M] () -- \Windows\winsxs\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3.manifest
[2009/06/10 23:23:19 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7600.16385_none_1c9a3ec1e01c684b\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:20 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.18523_none_1c70653de072abde\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 01:43:36 | 000,131,072 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.1.7601.22733_none_05a3bea3fa19258c\System.Runtime.Serialization.Formatters.Soap.dll
[2010/11/05 03:52:39 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17514_none_a67f221874da7f4c\System.Runtime.Serialization.dll
[2012/10/05 12:53:24 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.17966_none_a683f56a74d63285\System.Runtime.Serialization.dll
[2014/03/09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18523_none_a6803b1074d97c29\System.Runtime.Serialization.dll
[2014/07/11 00:24:11 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.18532_none_a681522274d87bdf\System.Runtime.Serialization.dll
[2012/10/05 12:56:07 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22126_none_8fb250ac8e81277d\System.Runtime.Serialization.dll
[2014/03/17 16:38:28 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22733_none_8fb394768e7ff5d7\System.Runtime.Serialization.dll
[2014/07/08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization.ref_b77a5c561934e089_6.1.7601.22743_none_8fb494c08e7f0f2e\System.Runtime.Serialization.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17514_none_d6c257b29c81807f\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.17966_none_d6c72b049c7d33b8\System.Runtime.Serialization.dll
[2014/03/09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18523_none_d6c370aa9c807d5c\System.Runtime.Serialization.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.18532_none_d6c487bc9c7f7d12\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22126_none_bff58646b62828b0\System.Runtime.Serialization.dll
[2014/03/17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22733_none_bff6ca10b626f70a\System.Runtime.Serialization.dll
[2014/07/08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\msil_system.runtime.serialization_b77a5c561934e089_6.1.7601.22743_none_bff7ca5ab6261061\System.Runtime.Serialization.dll
[2009/08/03 22:14:41 | 000,005,120 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.1.7600.16385_sk-sk_79d39f727217a41c\serialui.dll.mui
[2009/07/14 03:16:13 | 000,015,360 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.1.7600.16385_none_f4d7f7b17ffe522a\serialui.dll
[2010/11/05 03:52:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17514_none_db9d037fdd581ac1\System.Runtime.Serialization.dll
[2012/10/05 12:53:23 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.17966_none_dba1d6d1dd53cdfa\System.Runtime.Serialization.dll
[2014/03/09 23:47:42 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18523_none_db9e1c77dd57179e\System.Runtime.Serialization.dll
[2014/07/11 00:24:10 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.18532_none_db9f3389dd561754\System.Runtime.Serialization.dll
[2012/10/05 12:56:05 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22126_none_c4d03213f6fec2f2\System.Runtime.Serialization.dll
[2014/03/17 16:38:27 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22733_none_c4d175ddf6fd914c\System.Runtime.Serialization.dll
[2014/07/08 01:27:52 | 000,970,752 | ---- | M] () -- \Windows\winsxs\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.1.7601.22743_none_c4d27627f6fcaaa3\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:981884E7
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:3AE22B1A
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:41099CE9
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:D20FFA63
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:81F83028
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:029E021F
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:3E7393FC

< End of report >

jaruzo · #15 Příspěvek od **jaruzo** » 11 zář 2014 18:22

Extras.Txt

OTL Extras logfile created on: 11. 9. 2014 18:12:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jaro\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17280)
Locale: 0000041b | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,61 Gb Total Physical Memory | 1,15 Gb Available Physical Memory | 31,88% Memory free
7,21 Gb Paging File | 4,61 Gb Available in Paging File | 63,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,28 Gb Total Space | 37,20 Gb Free Space | 18,57% Space Free | Partition Type: NTFS
Drive D: | 240,48 Gb Total Space | 240,15 Gb Free Space | 99,86% Space Free | Partition Type: NTFS

Computer Name: JARO-PC | User Name: Jaro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-1799708505-3246337621-3321167157-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01EC4008-A804-40A3-B49F-A18B1BF61EFF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{02EC5364-4814-4F70-BD71-7E558AA65C88}" = lport=137 | protocol=17 | dir=in | app=system |
"{21C1EB8D-74E9-49E1-9D11-8DBCBBDDC1E5}" = rport=139 | protocol=6 | dir=out | app=system |
"{22C9D983-B588-4377-A1D7-BE32484F3B83}" = lport=10243 | protocol=6 | dir=in | app=system |
"{28A4B77F-7740-4FD4-921D-4A8C2B43925B}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{53171431-C548-4518-803A-26B4032451B9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{545BF970-4AC4-4C55-8F84-C052693C0C25}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5E658E8A-17EA-4E3D-8269-DB88500F2C99}" = lport=139 | protocol=6 | dir=in | app=system |
"{5F3C6BA5-D765-4A36-83CF-C643B1CF2E61}" = rport=137 | protocol=17 | dir=out | app=system |
"{6A2CC63B-FA1D-40FF-8B4B-CCC999AE3486}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{844A6B87-D216-4A09-908A-D1681A887F39}" = rport=445 | protocol=6 | dir=out | app=system |
"{8619ECF8-0244-4E05-9878-9204DC728483}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8A0604F6-1328-4714-B1C3-21C8A26F5839}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{AB738EC9-9BCB-4B79-AE7F-C04804ED9453}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{B1337689-8299-4C1D-B4D6-2BDDB4A2A74A}" = lport=138 | protocol=17 | dir=in | app=system |
"{BB4079A7-C899-4E88-B2FF-F61A47D5E3BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C40AADF4-162A-45AA-B814-37838A51033E}" = lport=445 | protocol=6 | dir=in | app=system |
"{CEF4F011-FB8E-4DED-9193-9027C5FB472E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CF42546C-1527-40AA-9697-3249A999F357}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9B7A00F-41CE-4C4F-AADF-2200A5919BB1}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary |
"{DD6925A9-7629-4104-8F3D-F118D87FB381}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E4E97F3C-463D-4F98-B1A9-9CAAC4D5C499}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary |
"{E9C44E22-E4A7-4B06-AFAB-D0A94C4C0028}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8EEAC62-8B39-4891-AD90-9CF4F513AC43}" = rport=138 | protocol=17 | dir=out | app=system |
"{F9EF8583-8D67-4C7B-BD0B-30DF15A22D79}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF571B35-F936-4A21-94D2-FDCC637673F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{038D5D22-C687-4F8E-AD41-0E1CD31414DC}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{0F1E74F1-A3EE-4BA0-8BB5-BDA0908C9983}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{13494920-34A4-4280-B0EF-CF2A9F7DFCE8}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\dead island\deadislandgame.exe |
"{157CE327-7418-4D2E-A70D-B9A3203E2398}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1BD25651-C7E0-4D70-9888-899F475E26CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1CAA5EEB-3248-4956-9B95-B40937A3BC71}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\team fortress 2\hl2.exe |
"{1FE8808D-93D7-4ADF-A25F-E88FE0F7236D}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe |
"{22D57DD4-7505-4F59-BA9D-8B5A090BBF9E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{261427BC-9DE4-4DE3-9D69-EF1642DE6006}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\team fortress 2\hl2.exe |
"{29E129C1-102C-4635-B7A1-C276022252C5}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\dead island\deadislandgame.exe |
"{2DF62C56-C084-45F1-A17A-4C14E6F324C8}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{31353325-F123-46E0-9CD2-BFA6C712BA05}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{32B312BB-764D-4998-AE17-BACF6CFF1091}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{3A4E7CD4-1D4E-4A88-9FDB-8F0FD018D5AF}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\brink\brink.exe |
"{3B87109A-889E-40D8-8F03-B20376DFBDE2}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{45ACA13A-D4B3-467F-B6C1-CB3DFABDE1A8}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\dead island\deadislandgame.exe |
"{4C469C7F-28FF-452C-9095-BA8A5A6A7B47}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{61E671FD-86A2-410E-B2A1-609C41E6FE0B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{66B2853B-F00E-4F6D-B44D-F5D9E117FC41}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6F78B5E3-C5FA-446A-BD91-18288BE0D150}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{6F9CA7D1-3930-4011-8DB5-0607C3F2A4D7}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{72310CE6-A3F8-4994-9E43-8B0A0F163FC9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{740666E3-0E56-4B57-A96E-879E17880E18}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7E380F99-F349-4C1B-A26E-027C54899007}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7EA66777-A2EC-4074-A0B2-F13ED1F2338F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{841025C4-F3E1-4335-BE1C-6DE1F638F107}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\dead island\deadislandgame.exe |
"{8A8E5319-CC0F-4417-929B-1065CA6C6650}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8C578FA4-7974-4F1F-A8FF-8E494ED7F40A}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe |
"{8DE7AF8F-8565-4AB0-8A4A-72865A175F10}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\team fortress 2\hl2.exe |
"{8EE1A6EE-F4C3-4B7C-9F62-2EF1E8F6E16C}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe |
"{90B4D1B5-65E3-44B5-8D4D-F89D89D711A9}" = protocol=6 | dir=out | app=system |
"{98D1DEF2-A744-4C65-BCCB-E345B64F4EBB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{99088429-4396-4B0C-8DB0-808A86B053A7}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{99DD1B0D-5B49-4B36-B3E7-4A0A270CAA45}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9BA2BD13-7F70-496C-AF1A-DD80AEE5801C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{A17849B1-DD3D-442B-AB75-5AE2A7AEF5FE}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{A5FD208C-BAB7-4A98-B5C4-537657A2F06F}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{B41EDEFF-8A6B-4113-8FBF-3CA2A4AEDFE0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{B4294EA9-A451-48CE-AD91-727A2FE85EA9}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{B42E3165-DC7C-49FD-BB8A-30455489420B}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{B9A2DD22-5F47-4C64-B3B7-93774AE29476}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe |
"{C3308CAC-F651-4608-BBBA-899ECEEF7C20}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{C4C13588-E659-4050-887F-194EDF349D1D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C76F5F99-69AE-4A28-AAE0-62C9F78A01C0}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\brink\brink.exe |
"{C96154AC-8E24-4662-B7B6-26199F4EDAB9}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CCD42602-2F4B-43FD-BAB9-F7299630C82E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{DB02307B-569D-4E0B-BB06-C768B57485A0}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe |
"{DF0033D9-7BD6-4CDF-8447-C2CE3A3E4489}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E10CF8CF-D0A7-44A0-9A39-FBDCBF63463E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{E96835A4-FC90-4EA7-B82A-43DD920403B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ED6FDA67-35CD-4E5E-B383-11FC4036D23B}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F695CC6D-5C89-4F2F-A7DA-5381D8952FEC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCFA034B-8E07-42B4-A265-896836B0B735}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{FECCF750-2769-4B72-9049-7EABFAD4809D}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\common\team fortress 2\hl2.exe |
"{FFE18651-D8DD-4B17-9983-31F0268FCEEC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{1410B552-5D2C-4727-B3A1-A265C13290D1}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe |
"TCP Query User{70FBFAA0-7B1B-40E9-B593-DC6A275DB41D}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{A7ABBCCC-E563-46B3-97E5-D292B925DAFD}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{461415B7-AF0C-4C1A-9FB1-C85316B14FF6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{4DD3FDA9-B257-4AA5-A879-3B86B34FD1EF}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{C77CBD28-4F2E-479E-8EC3-1EB08B09F6B7}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{02A5BD31-16AC-45DF-BE9F-A3167BC4AFB2}" = Windows Live Family Safety
"{0CC44ABB-62F1-FDA7-02C8-DCCC2A239DDE}" = AMD Fuel
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{119CFC4D-EB75-D47F-1209-032721858C32}" = ccc-utility64
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1BF5ECDD-47AC-411B-9BC5-96F01346CD7C}" = Windows Live Family Safety
"{1D2596F8-5EDD-4F8A-BA88-734E5549DD72}" = Windows Live Family Safety
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{24A534BC-AC8B-44A8-A417-135F28F8E9EE}" = Windows Live Family Safety
"{27F3F8DE-AC95-4E10-90A6-EBA999DDBCAF}" = Windows Live Remote Service Resources
"{29CFD07F-4971-41B0-B14D-621ACCC264AC}" = Windows Live Remote Service Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{44E3AB6B-453B-8DAE-9777-1C48F5AB8965}" = AMD Catalyst Install Manager
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4BB3027E-7ABE-43EA-BA1B-9521EF69B530}" = Windows Live Family Safety
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{641B32DB-8226-4250-86C9-34671162F5D5}" = Windows Live Remote Client Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A2482BC-733A-404A-939A-2D5BC636E6F9}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78654366-5889-4A70-90D9-04B00709EEE0}" = Windows Live Remote Client Resources
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-006D-041B-1000-0000000FF1CE}" = Microsoft Office Klikni a spusti 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A0CC1C12-528A-42A3-B9A3-10C4F9E65C9E}" = Windows Live Family Safety
"{A73F0084-A1CC-6E42-06DF-D088D583CC2A}" = AMD Media Foundation Decoders
"{A986CF32-C1C2-4B53-91AD-78EE027875C7}" = Windows Live Family Safety
"{AAE97E7E-B3A6-42BA-ADA5-04A0E6FD7224}" = Windows Live Family Safety
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{CFA5BA6D-D6BB-AE1B-E61E-5B1ACFC8F0BB}" = AMD Drag and Drop Transcoding
"{D0AB8C9D-93CE-4F48-A0D8-8A04D442F272}" = Windows Live Family Safety
"{D0C56275-9E7F-4BE5-AB37-15124BF808F2}" = Windows Live Family Safety
"{D157C6E7-5847-4FD1-BEDC-7389493874F6}" = Windows Live Remote Service Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E10CB758-D5FD-4A2D-A1C9-459D6BB0C035}" = Windows Live Remote Client Resources
"{E3525BFB-1C0B-4022-98EE-824E3757E83F}" = Windows Live Family Safety
"{E892324D-9386-4105-806C-5550304CE519}" = Windows Live Family Safety
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{F0793412-6407-4870-9A8C-6FE198A4EB12}" = Windows Live Remote Client Resources
"{F71F4E15-C711-4010-B1BD-74EE2618B86F}" = Windows Live Family Safety
"{F9B968F9-26FC-66BA-1B59-DB55E53C20B9}" = AMD Fuel
"{FF610D6F-4B8C-14B8-6583-69B8A4E31496}" = ccc-utility64
"Elantech" = ETDWare PS/2-X64 8.0.5.1_WHQL
"WinRAR archiver" = WinRAR 4.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0233CB76-091B-35E8-0602-800924C51318}" = CCC Help Spanish
"{0297C87B-CC40-446F-865A-031B4FC0CF22}" = ToCA Race Driver 3
"{047377C9-C74B-4345-82E8-03BAE5DF2C32}" = Windows Live Writer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A093C39-CBB3-4142-B93F-562F176B6305}" = Windows Live Mesh
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B80A0FD-755A-4796-BFB0-A7B07366F33A}" = Windows Live Mail
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0CAE2FF0-AFC9-733D-EC3C-04BCB6B3C06F}" = Application Profiles
"{0E3599E2-6782-3E82-5E98-C050EDD9A6C5}" = CCC Help Italian
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1168ECF1-2932-4E86-BC83-560C256C8022}" = Windows Live Photo Common
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{122800FE-3AAF-4974-9FBD-54B023FA756A}" = „Windows Live Messenger“
"{13AE7598-928A-83E7-548B-44FA68242798}" = CCC Help English
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}" = „Windows Live Essentials“
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A0E45DF-4EED-234D-3777-8C4EEB28F50D}" = Catalyst Control Center Profiles Mobile
"{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1" = Euro Truck Simulator 2
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{211D9A2A-0ECA-7AC7-ABAA-03ED3242F33E}" = AMD VISION Engine Control Center
"{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}" = Windows Live Mesh ActiveX-i juhtelement kaugühendustele
"{21ED5288-9248-9675-F3F1-1FDB279056A8}" = CCC Help Finnish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 65
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{2720009D-9566-45A7-A370-0E6DAC313F3F}" = „Windows Live Mail“
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C0642CD-595E-6C46-37A2-D2B2ED1787EC}" = CCC Help English
"{2CC0789D-D31B-445F-8970-6E058BE39754}" = Windows Live UX Platform Language Pack
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}" = Windows Live UX Platform Language Pack
"{3C8CB071-1260-8F06-47BB-59366EED9C0B}" = CCC Help Polish
"{3FD1CB9F-807F-451B-926C-9D19C84CFC61}" = Messenger Suradnik
"{40A02593-DF0A-9A40-F82E-5C9FB0872D51}" = CCC Help Turkish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{442032CB-900C-49C7-B4B4-2B76525DD403}" = Windows Live Photo Common
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4BE245C3-79B0-3E9C-BEB6-3571AEE353DC}" = CCC Help Chinese Traditional
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4F9DCAA9-58E0-869E-0D48-7582761A4374}" = CCC Help Russian
"{5066FFF7-0029-BBA3-DD41-D71599987F1B}" = Catalyst Control Center InstallProxy
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{517EAAB9-C35E-4949-B8C2-20C241162BBB}" = Windows Live Pošta
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5439B4ED-651E-A372-FEC5-91FCACA82600}" = CCC Help Chinese Standard
"{545192D4-E817-4EAA-834D-623EA50CF268}" = Windows Live UX Platform Language Pack
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D163056-96B7-440F-A836-89BA5D3CFF2F}" = Windows Live Photo Common
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{64547C35-ACB3-B020-470F-8E6D1810CC32}" = CCC Help Portuguese
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{661E0024-7AC6-FA0B-9236-D69EAAE50973}" = CCC Help Danish
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68F1F84D-5549-1E14-310E-4B4C1B37ADB4}" = CCC Help German
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A962531-B2B4-4714-A7D6-9F2497ABC8DA}" = Windows Phone app for desktop
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}" = Windows Live Movie Maker
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}" = Windows Live Writer Resources
"{6DD3B54B-F0D0-4A69-8344-F52033225A02}" = Messenger Companion
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71684DFF-CDED-450C-AF0C-4A1A6438A1A5}" = Windows Live Essentials
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{74371272-6808-7AEF-11AC-B43FF3232C0F}" = CCC Help Dutch
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}" = Windows Live Photo Common
"{77DAF553-291A-4471-988C-5677D90DB57E}" = Windows Live Writer Resources
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.18
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7E274911-32ED-4489-9B04-4EF100D0E4D3}" = „Messenger“ pagalbinė priemonė
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{826A9D28-CAB2-4950-8AAA-B639DCA444CE}" = Windows Live UX Platform Language Pack
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}" = Windows Live Writer
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8985AE5E-622A-4980-8BF8-0A1830643220}" = Windows Live Mesh ActiveX kontrola za daljinske veze
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8D33ECF4-1A77-4674-ABAE-DFF978C5BC0A}" = Windows Live Movie Maker
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EFCE1F8-8ADB-40F2-BED7-7728BED00EC0}" = Windows Live Essentials
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{9012041B-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90140011-0066-041B-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Slovenčina
"{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}" = „Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis
"{902585EB-8FA3-43A5-AD1C-5C9821A77114}" = Messenger Pratilac
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}" = Windows Live Movie Maker
"{9EC1A6A3-BF65-9502-3DB3-3BD134E7B3FD}" = CCC Help Thai
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A1668729-C4D2-49AE-877B-FB608362FFF1}" = Windows Live Essentials
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}" = Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{ACD7B451-9DDA-AA9E-E317-804026440922}" = CCC Help Norwegian
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADFAC033-8DB8-C839-DA8A-4865654D7351}" = Catalyst Control Center Localization All
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}" = Windows Live Foto-galerija
"{B8EDB617-BC8C-730F-3658-7C58889B8552}" = CCC Help Czech
"{B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}" = Windows Live Writer
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD215FCB-27E8-4C86-9251-8B8C1D548743}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD8DA595-F501-4ABE-85A0-5C23E82472A0}" = Pomocnik Messenger
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C7393F14-FA7A-3F3C-065C-652572CD7197}" = CCC Help Japanese
"{C7DEE8F5-29D4-4A5E-823B-4A7850C5E53D}" = Windows Live'i fotogalerii
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C877E454-FA36-409A-A00E-1240CEC61BBD}" = „Windows Live“ fotogalerija
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF936193-C584-458C-B793-15FA945621AF}" = Windows Live fotoattēlu galerija
"{CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}" = Windows Live Movie Maker
"{D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}" = Windows Live Mesh
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}" = Nikon File Uploader 2
"{D27DF849-C8C7-4892-A7F1-E0B381A1BD01}" = Windows Live Writer
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D47C66BE-0EB5-4587-93FE-D1E176C4B25C}" = Windows Live Messenger
"{D4F81B27-4054-4AD6-A588-265508BAA17C}" = Messenger Companion
"{D5A4E5F3-9ACD-412E-B380-F838DF9787B9}" = Windows Live Writer Resources
"{D987098B-3AD4-4E88-B80E-CF27A32D1955}" = Windows Live Writer Resources
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFD64203-3A64-E2B7-B981-3841351E8F22}" = CCC Help Korean
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3839628-F67D-40E7-BEF9-C0FEBABABB52}" = Messengeri kaaslane
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E99D9605-1CAA-CBB3-115C-2BA1A53899CC}" = CCC Help Swedish
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EAB1BDF2-734A-4D44-9169-7615D185C974}" = Windows Live Mesh
"{EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}" = Windows Live Mesh
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F009E971-D92F-FE80-7B03-1D4128B9EF2D}" = CCC Help Hungarian
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E05E82-9538-0E4C-14A4-86BBBAD4E516}" = CCC Help French
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F14F9EE9-9B68-42B4-90F7-0924F7619281}" = Spremljevalec Messenger
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}" = Messenger kísérő
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F5DFA930-D84C-6C0D-0AA2-F1A5D6C13E60}" = CCC Help Greek
"{F66430D8-08E6-4C96-B9B7-90E66E27D58C}" = Windows Live Mail
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{FA20D803-14E5-4B00-8F03-B519D46F9D4A}" = Windows Live Messenger
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}" = Помощник на Messenger
"{FECCC297-24D6-F2B0-2BEC-446AC0205EEB}" = Catalyst Control Center Graphics Previews Common
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"Bookworm Deluxe" = Bookworm Deluxe
"Cooking Dash" = Cooking Dash
"Delta Force" = Delta Force
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}" = Age of Empires III
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Jewel Quest 3" = Jewel Quest 3
"Luxor 3" = Luxor 3
"Mahjongg dimensions" = Mahjongg dimensions
"Mozilla Firefox 31.0 (x86 sk)" = Mozilla Firefox 31.0 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klikni a spusti 2010
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"PowerISO" = PowerISO
"PunkBusterSvc" = PunkBuster Services
"S3 Gold" = The Settlers III Gold Edition
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 730" = Counter-Strike: Global Offensive
"Steam App 91310" = Dead Island
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"World of Goo" = World of Goo
"YouTube Downloader_is1" = YouTube Downloader 5

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1799708505-3246337621-3321167157-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10. 9. 2014 18:35:40 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 10. 9. 2014 18:35:40 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 10. 9. 2014 18:35:42 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 10. 9. 2014 18:35:42 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 10. 9. 2014 18:35:43 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 10. 9. 2014 18:35:43 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 9. 2014 12:10:38 | Computer Name = Jaro-PC | Source = CVHSVC | ID = 100
Description = Iba informácie. Too many failures while downloading ranges: 2

Error - 11. 9. 2014 12:12:25 | Computer Name = Jaro-PC | Source = CVHSVC | ID = 100
Description = Iba informácie. (Stream product id=0x0066): Streaming Failed

Error - 11. 9. 2014 12:13:13 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = The performance strings in the Performance registry value is corrupted
when process Performance extension counter provider. The BaseIndex value from the
Performance registry is the first DWORD in the Data section, LastCounter value
is the second DWORD in the Data section, and LastHelp value is the third DWORD in
the Data section.

Error - 11. 9. 2014 12:13:13 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

Error - 11. 9. 2014 12:13:14 | Computer Name = Jaro-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Unable to read the performance counter strings defined for the 01B
language ID. The first DWORD in the Data section contains the Win32 error code.

[ Media Center Events ]
Error - 14. 9. 2013 7:01:55 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 13:01:55 - Chyba pripájania na Internet. 13:01:55 - Nebolo možné
spojiť sa so serverom..

Error - 14. 9. 2013 7:02:28 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 13:02:24 - Chyba pripájania na Internet. 13:02:24 - Nebolo možné
spojiť sa so serverom..

Error - 24. 9. 2013 7:38:45 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 13:38:45 - Chyba pripájania na Internet. 13:38:45 - Nebolo možné
spojiť sa so serverom..

Error - 24. 9. 2013 7:39:21 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 13:39:14 - Chyba pripájania na Internet. 13:39:14 - Nebolo možné
spojiť sa so serverom..

Error - 24. 9. 2013 8:39:52 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 14:39:52 - Chyba pripájania na Internet. 14:39:52 - Nebolo možné
spojiť sa so serverom..

Error - 24. 9. 2013 8:40:23 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 14:40:21 - Chyba pripájania na Internet. 14:40:21 - Nebolo možné
spojiť sa so serverom..

Error - 24. 9. 2013 9:40:55 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 15:40:55 - Chyba pripájania na Internet. 15:40:55 - Nebolo možné
spojiť sa so serverom..

Error - 24. 9. 2013 9:41:26 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 15:41:24 - Chyba pripájania na Internet. 15:41:24 - Nebolo možné
spojiť sa so serverom..

Error - 26. 12. 2013 16:13:57 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 21:13:57 - Chyba pripájania na Internet. 21:13:57 - Nebolo možné
spojiť sa so serverom..

Error - 26. 12. 2013 16:14:09 | Computer Name = Jaro-PC | Source = MCUpdate | ID = 0
Description = 21:14:02 - Chyba pripájania na Internet. 21:14:02 - Nebolo možné
spojiť sa so serverom..

[ System Events ]
Error - 8. 9. 2014 10:36:26 | Computer Name = Jaro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 8. 9. 2014 15:09:56 | Computer Name = Jaro-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 18:59:53 on ?8. ?9. ?2014 was unexpected.

Error - 8. 9. 2014 15:13:03 | Computer Name = Jaro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 9. 9. 2014 14:00:56 | Computer Name = Jaro-PC | Source = DCOM | ID = 10010
Description =

Error - 9. 9. 2014 14:02:16 | Computer Name = Jaro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 10. 9. 2014 11:24:04 | Computer Name = Jaro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 10. 9. 2014 14:01:55 | Computer Name = Jaro-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 19:30:21 on ?10. ?9. ?2014 was unexpected.

Error - 10. 9. 2014 14:03:32 | Computer Name = Jaro-PC | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 10. 9. 2014 14:04:38 | Computer Name = Jaro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej
chybe: %%2

Error - 11. 9. 2014 12:08:58 | Computer Name = Jaro-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby Služba Google Update (gupdate) zlyhalo kvôli nasledujúcej
chybe: %%2

< End of report >

VIRY.CZ

Kontrola ntb

Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb

Re: Kontrola ntb