Zpomalený internet cca 14 dní

Zpráva

zdenek21 · #16 Příspěvek od **zdenek21** » 22 říj 2014 07:22

Dobré ráno MBAM

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22. 10. 2014
Čas skenování: 7:17:15
Protokol: log.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.10.22.01
Databáze rootkitů: v2014.10.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: xxx

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 500714
Uplynulý čas: 1 hod, 3 min, 49 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-1716491184-2317231473-1448380392-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [6a4f57c0304c40f61a6ba28059aa1fe1],

Hodnoty registru: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-1716491184-2317231473-1448380392-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [6a4f57c0304c40f61a6ba28059aa1fe1]

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 5
PUP.Optional.ELEX, C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir, , [3a7f48cf19638caaf42a3d78c33e639d],
PUP.Riskware.Patcher, C:\Programy\Revo Uninstaller Pro 3.0.8 Multilanguage\patch_XenoCoder.rar, , [b20747d075075cda0aa7ed34db2616ea],
PUP.Riskware.Patcher, C:\Programy\Revo Uninstaller Pro 3.0.8 Multilanguage\revo.uninstaller.pro.3.x.(x64)-patch.exe, , [87322ceb8cf0c472337e3fe2e41ddb25],
PUP.Hacktool.Patcher, C:\Programy\SpyHunter.Malware.Security.Suite.v4.17.6.4336.CZ\patch\spyhunter.4.3.32-patch.exe, , [cbeee6317b01e353e8e5b15402fecb35],
RiskWare.Tool.HCK, C:\Programy\WinRAR 5.11 Final (x86,x64) CZ\KEYGEN-FFF.exe, , [3a7fa86ffb811c1a52fb97a016ec48b8],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#17 Příspěvek od **Márty84** » 22 říj 2014 08:11

Dobre rano

Nalezy nechte odstranit (do karanteny), pak MBAM odinstalujte.

Aktualizujem skener
Smazte RSIT a slozku C:\Program Files\trend micro , pokud ji najdete.
Pak stahnete nove RSIT http://images.malwareremoval.com/random/RSITx64.exe a dejte log z nej.

zdenek21 · #18 Příspěvek od **zdenek21** » 22 říj 2014 08:17

Odstraněno a přidávám nový LOG

Logfile of random's system information tool 1.10 (written by random/random)
Run by xxx at 2014-10-22 09:17:12
Microsoft Windows 8.1
System drive C: has 723 GB (76%) free of 954 GB
Total RAM: 8190 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:17:14, on 22. 10. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\xxx.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6776 bytes

======Listing Processes======

wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
taskhostex.exe
C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\alg.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhost.exe $(Arg0)
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4928 CREDAT:267521 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4928 CREDAT:2954517 /prefetch:2
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding

C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhost.exe
"C:\totalcmd\TOTALCMD64.EXE"
"C:\totalcmd\tcmadm64.exe" 18272 zdenda-olinka\xxx
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\xxx\Downloads\RSITx64(1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3xt2n6xl.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.67.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0]
"Description"=Unity Player 4.5.5f1
"Path"=C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-09-16 1729232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-10-18 7575768]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe [2014-04-14 398760]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-25 6480664]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-07-04 766688]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2014-10-01 54072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-10-22 09:17:12 ----D---- C:\Program Files\trend micro
2014-10-22 09:14:32 ----A---- C:\Windows\system32\drivers\ubaax.sys
2014-10-22 07:15:12 ----D---- C:\ProgramData\Malwarebytes
2014-10-21 20:50:53 ----SHD---- C:\$RECYCLE.BIN
2014-10-21 20:45:48 ----A---- C:\Windows\zoek-delete.exe
2014-10-21 20:28:59 ----D---- C:\Windows\system32\drivers\etc
2014-10-21 20:22:55 ----D---- C:\zoek_backup
2014-10-21 20:19:34 ----D---- C:\Windows\ERUNT
2014-10-21 20:13:43 ----D---- C:\Program Files (x86)\MozBackup
2014-10-21 19:58:45 ----D---- C:\AdwCleaner
2014-10-21 19:33:23 ----D---- C:\Users\xxx\AppData\Roaming\Mozilla
2014-10-21 19:17:52 ----D---- C:\rsit
2014-10-21 08:56:06 ----ASH---- C:\hiberfil.sys
2014-10-21 08:04:30 ----D---- C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
2014-10-21 07:35:08 ----D---- C:\Program Files\CCleaner
2014-10-20 15:53:41 ----D---- C:\Program Files\Unity
2014-10-20 15:37:30 ----D---- C:\Users\xxx\AppData\Roaming\AMD
2014-10-20 15:37:29 ----D---- C:\Users\xxx\AppData\Roaming\Rovio
2014-10-20 09:18:05 ----D---- C:\Games
2014-10-19 14:27:09 ----D---- C:\Program Files (x86)\The Evil Within
2014-10-19 13:41:40 ----D---- C:\Program Files (x86)\Assetto Corsa
2014-10-18 13:10:13 ----D---- C:\Program Files (x86)\F1 2014
2014-10-18 12:35:30 ----D---- C:\ProgramData\ATI
2014-10-18 12:34:39 ----A---- C:\Windows\system32\RtNicProp64.dll
2014-10-18 12:34:39 ----A---- C:\Windows\system32\drivers\Rt630x64.sys
2014-10-18 12:18:34 ----D---- C:\AMD
2014-10-18 12:17:25 ----A---- C:\Windows\SYSWOW64\OVDecode.dll
2014-10-18 12:17:25 ----A---- C:\Windows\SYSWOW64\OpenVideo.dll
2014-10-18 12:17:25 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2014-10-18 12:17:25 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2014-10-18 12:17:25 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2014-10-18 12:17:25 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2014-10-18 12:17:25 ----A---- C:\Windows\system32\OVDecode64.dll
2014-10-18 12:17:25 ----A---- C:\Windows\system32\OpenVideo64.dll
2014-10-18 12:17:25 ----A---- C:\Windows\system32\mantleaxl64.dll
2014-10-18 12:17:25 ----A---- C:\Windows\system32\mantle64.dll
2014-10-18 12:17:25 ----A---- C:\Windows\system32\coinst_14.30.dll
2014-10-18 12:17:25 ----A---- C:\Windows\system32\clinfo.exe
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativvaxy_vi_nd.dat
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativvaxy_vi.dat
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativvaxy_cz_nd.dat
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativvaxy_cik_nd.dat
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativvaxy_cik.dat
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativce03.dat
2014-10-18 12:17:25 ----A---- C:\Windows\system32\ativce02.dat
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2014-10-18 12:17:24 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2014-10-18 12:17:24 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atitmm64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atisamu64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atio6axx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atimuixx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atimpc64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atiicdxx.dat
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atiglpxx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atig6txx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atig6pxx.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\aticalrt64.dll
2014-10-18 12:17:23 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2014-10-18 12:17:23 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2014-10-18 12:17:23 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2014-10-18 12:17:23 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2014-10-18 12:17:23 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2014-10-18 12:17:23 ----A---- C:\Windows\system32\OpenCL.dll
2014-10-18 12:17:23 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2014-10-18 12:17:23 ----A---- C:\Windows\system32\aticaldd64.dll
2014-10-18 12:17:23 ----A---- C:\Windows\system32\aticalcl64.dll
2014-10-18 12:17:23 ----A---- C:\Windows\system32\atiapfxx.exe
2014-10-18 12:17:23 ----A---- C:\Windows\system32\amdpcom64.dll
2014-10-18 12:17:22 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2014-10-18 12:17:22 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2014-10-18 12:17:22 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2014-10-18 12:17:22 ----A---- C:\Windows\system32\amdocl64.dll
2014-10-18 12:17:22 ----A---- C:\Windows\system32\amdmmcl6.dll
2014-10-18 12:17:22 ----A---- C:\Windows\system32\amdmiracast.dll
2014-10-18 12:17:22 ----A---- C:\Windows\system32\amdmantle64.dll
2014-10-18 12:17:22 ----A---- C:\Windows\system32\amdicdxx.dat
2014-10-18 12:17:21 ----A---- C:\Windows\SYSWOW64\amdhsasc.dll
2014-10-18 12:17:21 ----A---- C:\Windows\SYSWOW64\amdhdl32.dll
2014-10-18 12:17:21 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2014-10-18 12:17:21 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2014-10-18 12:17:21 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2014-10-18 12:17:21 ----A---- C:\Windows\system32\amdhsasc64.dll
2014-10-18 12:17:21 ----A---- C:\Windows\system32\amdhdl64.dll
2014-10-18 12:17:21 ----A---- C:\Windows\system32\amdhcp64.dll
2014-10-18 12:17:21 ----A---- C:\Windows\system32\amde31a.dat
2014-10-18 12:17:21 ----A---- C:\Windows\system32\amdave64.dll
2014-10-18 12:16:15 ----A---- C:\Windows\system32\YamahaAE.dll
2014-10-18 12:16:13 ----A---- C:\Windows\system32\WavesGUILib64.dll
2014-10-18 12:16:13 ----A---- C:\Windows\system32\SStudio.dll
2014-10-18 12:16:12 ----A---- C:\Windows\system32\sltech64.dll
2014-10-18 12:16:12 ----A---- C:\Windows\system32\slprp64.dll
2014-10-18 12:16:12 ----A---- C:\Windows\system32\slcnt64.dll
2014-10-18 12:16:12 ----A---- C:\Windows\system32\sl3apo64.dll
2014-10-18 12:16:12 ----A---- C:\Windows\system32\RtPgEx64.dll
2014-10-18 12:16:12 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2014-10-18 12:16:11 ----A---- C:\Windows\system32\RtkApi64.dll
2014-10-18 12:16:11 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2014-10-18 12:16:10 ----A---- C:\Windows\system32\RtDataProc64.dll
2014-10-18 12:16:10 ----A---- C:\Windows\system32\RTCOM64.dll
2014-10-18 12:16:10 ----A---- C:\Windows\system32\RltkAPO64.dll
2014-10-18 12:16:10 ----A---- C:\Windows\system32\RCoRes64.dat
2014-10-18 12:16:10 ----A---- C:\Windows\system32\RCoInstII64.dll
2014-10-18 12:16:10 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2014-10-18 12:16:09 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-10-18 12:16:09 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2014-10-18 12:16:09 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-10-18 12:16:09 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-10-18 12:16:09 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2014-10-18 12:16:09 ----A---- C:\Windows\system32\MaxxAudioVnN64.dll
2014-10-18 12:16:08 ----A---- C:\Windows\SYSWOW64\MaxxAudioAPOShell.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioVnA64.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioRealtek264.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2014-10-18 12:16:08 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2014-10-18 12:16:07 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2014-10-18 12:16:07 ----A---- C:\Windows\system32\FMAPO64.dll
2014-10-18 12:16:06 ----A---- C:\Windows\system32\DDPP64A.dll
2014-10-18 12:16:06 ----A---- C:\Windows\system32\DDPO64A.dll
2014-10-18 12:16:06 ----A---- C:\Windows\system32\DDPD64A.dll
2014-10-18 12:16:06 ----A---- C:\Windows\system32\DDPA64.dll
2014-10-18 12:16:06 ----A---- C:\Windows\system32\audioLibVc.dll
2014-10-18 12:15:46 ----A---- C:\Windows\system32\drivers\amd_xata.sys
2014-10-18 12:15:46 ----A---- C:\Windows\system32\drivers\amd_sata.sys
2014-10-18 12:07:51 ----D---- C:\ProgramData\IObit
2014-10-18 11:37:14 ----D---- C:\Users\xxx\AppData\Roaming\uTorrent
2014-10-17 21:10:26 ----D---- C:\Users\xxx\AppData\Roaming\Winamp
2014-10-17 21:10:26 ----D---- C:\Program Files (x86)\Winamp
2014-10-16 09:22:28 ----A---- C:\Windows\system32\win32k.sys
2014-10-16 09:22:21 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2014-10-16 09:22:21 ----A---- C:\Windows\system32\MrmCoreR.dll
2014-10-16 09:22:18 ----A---- C:\Windows\system32\winbici.dll
2014-10-16 09:22:17 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-10-16 09:22:17 ----A---- C:\Windows\system32\wucltux.dll
2014-10-16 09:22:17 ----A---- C:\Windows\system32\wuaueng.dll
2014-10-16 09:22:17 ----A---- C:\Windows\system32\wuapi.dll
2014-10-16 09:22:16 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-10-16 09:22:16 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-10-16 09:22:16 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-10-16 09:22:16 ----A---- C:\Windows\system32\wuwebv.dll
2014-10-16 09:22:16 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-10-16 09:22:16 ----A---- C:\Windows\system32\wups2.dll
2014-10-16 09:22:16 ----A---- C:\Windows\system32\wups.dll
2014-10-16 09:22:16 ----A---- C:\Windows\system32\wudriver.dll
2014-10-16 09:22:16 ----A---- C:\Windows\system32\wuauclt.exe
2014-10-16 09:22:16 ----A---- C:\Windows\system32\wuapp.exe
2014-10-16 09:22:06 ----A---- C:\Windows\system32\mshtml.dll
2014-10-16 09:22:05 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-16 09:22:00 ----A---- C:\Windows\system32\jscript9.dll
2014-10-16 09:21:59 ----A---- C:\Windows\system32\ieframe.dll
2014-10-16 09:21:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-16 09:21:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-16 09:21:53 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-16 09:21:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-16 09:21:53 ----A---- C:\Windows\system32\wininet.dll
2014-10-16 09:21:53 ----A---- C:\Windows\system32\urlmon.dll
2014-10-16 09:21:53 ----A---- C:\Windows\system32\iertutil.dll
2014-10-16 09:21:51 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-16 09:21:51 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-16 09:21:50 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-16 09:21:49 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-16 09:21:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-16 09:21:49 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-16 09:21:49 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-16 09:21:48 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-16 09:21:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-16 09:21:48 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-16 09:21:48 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-16 09:21:48 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-16 09:21:48 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-16 09:21:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-16 09:21:47 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-16 09:21:47 ----A---- C:\Windows\system32\vbscript.dll
2014-10-16 09:21:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-16 09:21:36 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 09:21:36 ----A---- C:\Windows\system32\packager.dll
2014-10-16 09:21:34 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-16 09:21:34 ----A---- C:\Windows\system32\rastls.dll
2014-10-16 09:21:29 ----A---- C:\Windows\system32\shell32.dll
2014-10-16 09:21:27 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2014-10-16 09:21:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-10-16 09:21:25 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2014-10-16 09:21:24 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-16 09:21:24 ----A---- C:\Windows\system32\SyncEngine.dll
2014-10-16 09:21:24 ----A---- C:\Windows\system32\mstscax.dll
2014-10-16 09:21:24 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-16 09:21:23 ----A---- C:\Windows\system32\SearchFolder.dll
2014-10-16 09:21:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2014-10-16 09:21:22 ----A---- C:\Windows\system32\propsys.dll
2014-10-16 09:21:22 ----A---- C:\Windows\system32\ntdll.dll
2014-10-16 09:21:22 ----A---- C:\Windows\system32\KernelBase.dll
2014-10-16 09:21:21 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-10-16 09:21:21 ----A---- C:\Windows\system32\WSShared.dll
2014-10-16 09:21:20 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-10-16 09:21:19 ----A---- C:\Windows\SYSWOW64\SearchFolder.dll
2014-10-16 09:21:19 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-10-16 09:21:19 ----A---- C:\Windows\system32\Wldap32.dll
2014-10-16 09:21:17 ----A---- C:\Windows\SYSWOW64\Wldap32.dll
2014-10-16 09:21:17 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2014-10-16 09:21:16 ----A---- C:\Windows\SYSWOW64\propsys.dll
2014-10-16 09:21:15 ----A---- C:\Windows\system32\SkyDriveTelemetry.dll
2014-10-16 09:21:15 ----A---- C:\Windows\system32\SkyDrive.exe
2014-10-16 09:21:15 ----A---- C:\Windows\system32\pcsvDevice.dll
2014-10-16 09:21:15 ----A---- C:\Windows\system32\httpprxm.dll
2014-10-16 09:21:15 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-16 09:21:15 ----A---- C:\Windows\system32\bisrv.dll
2014-10-16 09:21:14 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 09:21:14 ----A---- C:\Windows\SYSWOW64\SkyDriveShell.dll
2014-10-16 09:21:14 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-16 09:21:14 ----A---- C:\Windows\system32\SkyDriveShell.dll
2014-10-16 09:21:14 ----A---- C:\Windows\system32\ProximityService.dll
2014-10-16 09:21:14 ----A---- C:\Windows\system32\adhsvc.dll
2014-10-16 09:21:12 ----A---- C:\Windows\system32\generaltel.dll
2014-10-16 09:21:12 ----A---- C:\Windows\system32\aepdu.dll
2014-10-16 09:21:11 ----A---- C:\Windows\system32\aeinv.dll
2014-10-16 09:21:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-16 09:21:08 ----A---- C:\Windows\system32\msi.dll
2014-10-16 09:21:07 ----A---- C:\Windows\system32\authui.dll
2014-10-16 09:21:05 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-10-16 09:21:04 ----A---- C:\Windows\system32\appinfo.dll
2014-10-11 13:18:38 ----D---- C:\Users\xxx\AppData\Roaming\SMIGames
2014-10-11 11:25:24 ----D---- C:\ProgramData\Spidla Data Processing, s.r.o
2014-10-09 20:54:14 ----A---- C:\Windows\SYSWOW64\sh4native.exe
2014-10-05 10:30:51 ----D---- C:\ProgramData\AVG
2014-10-04 11:08:50 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2014-10-04 09:29:51 ----D---- C:\Users\xxx\AppData\Roaming\Steam

======List of files/folders modified in the last 1 month======

2014-10-22 09:17:12 ----RD---- C:\Program Files
2014-10-22 09:17:03 ----D---- C:\Windows\Prefetch
2014-10-22 09:16:13 ----D---- C:\Windows\system32\drivers
2014-10-22 09:16:12 ----RD---- C:\Program Files (x86)
2014-10-22 09:14:33 ----D---- C:\Windows\Temp
2014-10-22 09:14:32 ----D---- C:\Windows\MediaViewer
2014-10-22 09:02:00 ----D---- C:\Windows\system32\sru
2014-10-22 07:15:12 ----HD---- C:\ProgramData
2014-10-21 20:45:48 ----D---- C:\Windows
2014-10-21 20:44:14 ----HD---- C:\Windows\system32\GroupPolicy
2014-10-21 20:44:14 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-10-21 20:35:14 ----D---- C:\Windows\SysWOW64
2014-10-21 20:29:23 ----SHD---- C:\Windows\Installer
2014-10-21 20:23:41 ----SHD---- C:\System Volume Information
2014-10-21 19:56:41 ----D---- C:\Windows\Tasks
2014-10-21 19:56:41 ----D---- C:\Windows\system32\Tasks
2014-10-21 19:33:13 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-21 10:11:16 ----D---- C:\Windows\system32\config
2014-10-21 09:57:45 ----D---- C:\Windows\system32\DriverStore
2014-10-21 09:45:57 ----D---- C:\Windows\Minidump
2014-10-21 08:58:15 ----D---- C:\Windows\SYSWOW64\drivers
2014-10-21 08:46:09 ----D---- C:\Windows\WinSxS
2014-10-21 08:46:04 ----D---- C:\Windows\CbsTemp
2014-10-21 08:04:17 ----D---- C:\Programy
2014-10-21 07:59:15 ----D---- C:\Program Files (x86)\Common Files
2014-10-21 07:59:14 ----D---- C:\Program Files (x86)\Adobe
2014-10-21 07:56:47 ----D---- C:\ProgramData\Adobe
2014-10-21 07:56:25 ----D---- C:\Users\xxx\AppData\Roaming\Adobe
2014-10-21 07:55:21 ----D---- C:\Program Files\Common Files
2014-10-21 07:48:23 ----D---- C:\Windows\Inf
2014-10-21 07:43:10 ----D---- C:\Windows\AppReadiness
2014-10-21 07:43:09 ----D---- C:\Windows\Microsoft.NET
2014-10-21 07:43:08 ----HD---- C:\Program Files\WindowsApps
2014-10-21 07:37:03 ----D---- C:\Windows\Logs
2014-10-21 07:37:02 ----D---- C:\Windows\debug
2014-10-21 07:33:56 ----RD---- C:\Windows\System32
2014-10-20 20:05:27 ----D---- C:\Windows\system32\NDF
2014-10-19 19:31:49 ----D---- C:\Windows\tracing
2014-10-19 15:16:21 ----D---- C:\ProgramData\Microsoft Help
2014-10-19 15:15:37 ----RSD---- C:\Windows\assembly
2014-10-19 11:56:54 ----D---- C:\Windows\rescache
2014-10-18 13:13:39 ----D---- C:\Users\xxx\AppData\Roaming\vlc
2014-10-18 13:13:38 ----D---- C:\ProgramData\Codemasters
2014-10-18 12:51:16 ----D---- C:\Windows\system32\catroot
2014-10-18 12:36:04 ----D---- C:\ProgramData\AMD
2014-10-18 12:17:25 ----A---- C:\Windows\system32\atiuxp64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atiumd6a.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atiumd64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atiu9p64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atiesrxx.exe
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atieclxx.exe
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atidxx64.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\atidemgy.dll
2014-10-18 12:17:24 ----A---- C:\Windows\system32\aticfx64.dll
2014-10-18 12:17:23 ----A---- C:\Windows\system32\atiadlxx.dll
2014-10-18 12:16:50 ----D---- C:\Windows\SYSWOW64\RTCOM
2014-10-16 12:57:30 ----D---- C:\Windows\FileManager
2014-10-16 12:57:30 ----D---- C:\Windows\Camera
2014-10-16 12:57:29 ----RD---- C:\Windows\ToastData
2014-10-16 12:57:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-16 12:57:29 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 12:57:29 ----D---- C:\Program Files\Internet Explorer
2014-10-16 12:57:29 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-16 12:57:26 ----SD---- C:\Windows\system32\CompatTel
2014-10-16 12:57:26 ----D---- C:\Windows\WinStore
2014-10-16 09:27:49 ----D---- C:\Windows\system32\MRT
2014-10-16 09:25:15 ----A---- C:\Windows\system32\MRT.exe
2014-10-16 09:24:14 ----RSD---- C:\Windows\Fonts
2014-10-16 09:20:50 ----D---- C:\Windows\system32\catroot2
2014-10-14 18:36:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-12 19:59:32 ----D---- C:\Windows\SYSWOW64\Macromed
2014-10-12 19:25:57 ----D---- C:\fotoaparát
2014-10-09 20:11:52 ----D---- C:\Windows\system32\wbem
2014-10-09 20:10:51 ----RSD---- C:\Windows\Media
2014-10-09 20:10:50 ----D---- C:\Windows\SYSWOW64\wbem
2014-10-09 20:10:50 ----D---- C:\Windows\system32\drivers\UMDF
2014-10-09 20:10:43 ----D---- C:\Windows\system32\Sysprep
2014-10-09 20:10:43 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-09 20:10:43 ----D---- C:\Windows\servicing
2014-10-09 20:10:38 ----D---- C:\Users\xxx\AppData\Roaming\GHISLER
2014-10-09 20:10:37 ----SHD---- C:\Program Files (x86)\Windows Sidebar
2014-10-09 20:10:37 ----D---- C:\Program Files\WinRAR
2014-10-09 20:07:34 ----D---- C:\Windows\registration
2014-10-09 20:06:51 ----SHD---- C:\Program Files\Windows Sidebar
2014-10-09 20:06:41 ----RHD---- C:\MSOCache
2014-10-09 19:49:33 ----D---- C:\ProgramData\TuneUp Software
2014-09-30 00:45:58 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-09-27 14:06:43 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\System32\drivers\amd_sata.sys [2014-10-18 81608]
R0 amd_xata;amd_xata; C:\Windows\System32\drivers\amd_xata.sys [2014-10-18 23752]
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2014-10-18 293088]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-10-18 16750080]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-10-18 576000]
R3 AtiHDAudioService;@oem20.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-03-11 222720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-10-18 3962840]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 RTL8168;@oem4.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-10-18 874712]
S0 amdkmafd;@oem18.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 fgjw;fgjw; C:\Windows\System32\drivers\ubaax.sys [2014-10-22 79064]
S3 AndNetDiag;@oem6.inf,%Lgsi.Service.Name%;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 ANDNetModem;@oem25.inf,%LGSI.Service.Name%;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 ISCT;@oem17.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\Windows\System32\drivers\ISCTD64.sys [2012-07-24 46016]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 usbser;@oem23.inf,%Serial.SvcDesc%;USB Serial emulation modem driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-22 33280]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-10-18 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-17 344064]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]

-----------------EOF-----------------

#19 Příspěvek od **Márty84** » 22 říj 2014 08:21

Vyborne, posledni sken a budem mazat. Mimochodem, kam se podela Avira?

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

zdenek21 · #20 Příspěvek od **zdenek21** » 22 říj 2014 08:24

Vytvořím a přidám.
Jelikož mám originální Windowsy 8.1 tak používám jako antivir originální od Windows což je Defender, je to špatný?

#21 Příspěvek od **Márty84** » 22 říj 2014 08:27

zdenek21 píše:Jelikož mám originální Windowsy 8.1 tak používám jako antivir originální od Windows což je Defender, je to špatný?

No je to taky moznost, ja jen, ze na zacatku tam byla Avira. A ja tedy obvykle doporucuji jiny antivir, nez ten windowsacky. Nejcasteji Avast, pripadne tu Aviru, nebo Bitdefender. Kvalitou jsou precejen vyse. Ale samozrejme zadny neni 100%ni a slusnym uzivatelum staci i Windows Defender

zdenek21 · #22 Příspěvek od **zdenek21** » 22 říj 2014 08:30

Právě měl jsem originály i Nod32 a byl jsem nespokojenej

Proto zatím Defender a maximálně na čištění CCleaner nebo defrag

Jinak nechápu jak se v tom všem vyznátev těch logách

Asi čištění musíme nechat k večeru musím totiž do práce

snad stihnu jsem dát aspoň ten log

#23 Příspěvek od **Márty84** » 22 říj 2014 08:34

Nod je samozrejme taky kvalitni. Ale placeny, kdezto ty tri co jsem vypsal jsou free

OTL miva delsi sken, takze nevim, jestli to stihnete. Kdyztak az vecer, nic se nedeje, casu dost

Tak at to v praci pekne utika

zdenek21 · #24 Příspěvek od **zdenek21** » 22 říj 2014 08:35

Ok asi to vidím na večer

Takže po 19 hodině to sem dám, takže tam mám v PC něco co mi tam dělá neplechu?
Ten PC mám cca 2 měsíce a se starým se mi to nikdy nestalo

#25 Příspěvek od **Márty84** » 22 říj 2014 08:46

Vecer tu budu prubezne koukat, mam ted tyden volno, takze mam dost casu

Havet jako takova tam neni, ale takovych ruznych brzd a zbytecnosti tam bylo dost a zbytek odpalim skriptem pomoci OTL. Pak to snad pobezi jak ma.

zdenek21 · #26 Příspěvek od **zdenek21** » 22 říj 2014 19:16

OTL.txt

OTL logfile created on: 22. 10. 2014 19:45:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

8,00 Gb Total Physical Memory | 6,62 Gb Available Physical Memory | 82,71% Memory free
16,00 Gb Paging File | 14,50 Gb Available in Paging File | 90,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,32 Gb Total Space | 706,06 Gb Free Space | 75,81% Space Free | Partition Type: NTFS

Computer Name: ZDENDA-OLINKA | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/10/22 09:22:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Downloads\OTL.exe
PRC - [2014/10/11 14:52:51 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

========== Modules (No Company Name) ==========

MOD - [2014/10/11 14:53:29 | 003,649,648 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

========== Services (SafeList) ==========

SRV:64bit: - [2014/10/18 12:17:24 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014/09/11 20:13:22 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/08/16 05:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 02:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 02:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 09:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/04/17 22:29:26 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2014/04/06 13:20:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/03/24 04:31:14 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/03/24 04:31:14 | 000,023,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/03/14 08:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 07:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 17:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 11:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 11:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 11:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 11:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/12/10 09:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 13:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 13:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 13:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 13:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 13:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 12:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 12:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 12:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 11:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 11:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 11:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 11:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 11:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 11:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 11:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 11:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2014/09/12 11:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/16 05:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/03/14 08:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013/08/22 05:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 04:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/10/18 12:34:39 | 000,874,712 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2014/10/18 12:17:24 | 016,750,080 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/10/18 12:17:24 | 000,576,000 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/10/18 12:17:21 | 000,293,088 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amdacpksd.sys -- (amdacpksd)
DRV:64bit: - [2014/10/18 12:15:46 | 000,081,608 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2014/10/18 12:15:46 | 000,023,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 17:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 17:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 13:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/01 15:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/03/24 04:30:57 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/03/24 04:30:57 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/03/24 04:27:03 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/03/20 05:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/13 14:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/11 16:20:04 | 000,222,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
DRV:64bit: - [2014/03/08 22:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/02/22 18:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 17:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 17:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 17:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 17:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 14:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/02/11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:64bit: - [2013/11/11 04:48:41 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/11/01 13:39:53 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/10/26 03:54:32 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/10/05 17:25:54 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/09/14 16:06:57 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/08/23 00:10:34 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013/08/23 00:10:29 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:40:00 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013/08/22 13:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:17 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 13:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 13:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 13:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2012/09/23 01:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
DRV:64bit: - [2012/07/24 04:37:56 | 000,046,016 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?btnG=Google+Search&q="
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:33.0
FF - prefs.js..keyword.URL: "http://www.google.com/search?btnG=Google+Search&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer64,version=1.0: C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 33.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014/10/21 19:33:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Extensions
[2014/10/21 19:43:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\3xt2n6xl.default\extensions
[2014/10/21 19:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/10/21 19:33:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2014/10/21 20:36:25 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\.DEFAULT..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun File not found
O4 - HKU\S-1-5-18..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun File not found
O4 - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002..\Run: [uTorrent] C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.101.253.14 10.101.254.193
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56C95792-6EFB-4729-9D31-41725F99BD95}: DhcpNameServer = 10.101.253.14 10.101.254.193
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/09/05 09:07:04 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sh4native Sh4Removal)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2014/10/22 09:17:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/10/22 07:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/10/21 20:50:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/10/21 20:28:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\etc
[2014/10/21 20:22:55 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2014/10/21 20:19:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/10/21 20:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2014/10/21 19:58:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/10/21 19:33:23 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Mozilla
[2014/10/21 19:17:52 | 000,000,000 | ---D | C] -- C:\rsit
[2014/10/21 09:46:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\AviraSpeedup
[2014/10/21 09:23:24 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\AviraResume
[2014/10/21 07:35:08 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/10/20 15:53:41 | 000,000,000 | ---D | C] -- C:\Program Files\Unity
[2014/10/20 15:37:30 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\AMD
[2014/10/20 15:37:29 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Rovio
[2014/10/20 09:18:05 | 000,000,000 | ---D | C] -- C:\Games
[2014/10/19 15:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Evil Within
[2014/10/19 14:28:52 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar
[2014/10/19 14:27:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Evil Within
[2014/10/19 14:05:42 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\CARS
[2014/10/19 14:05:41 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\wmd_symbol_cache
[2014/10/19 13:49:58 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Assetto Corsa
[2014/10/19 13:41:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Assetto Corsa
[2014/10/19 11:05:36 | 000,000,000 | ---D | C] -- C:\Windows\tasks\ImCleanDisabled
[2014/10/18 17:44:36 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\RadioSure
[2014/10/18 13:10:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F1 2014
[2014/10/18 12:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/10/18 12:35:30 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/10/18 12:34:39 | 000,874,712 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2014/10/18 12:34:39 | 000,073,800 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014/10/18 12:18:34 | 000,000,000 | ---D | C] -- C:\AMD
[2014/10/18 12:17:25 | 007,207,592 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2014/10/18 12:17:25 | 000,827,392 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_14.30.dll
[2014/10/18 12:17:25 | 000,127,488 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2014/10/18 12:17:25 | 000,126,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2014/10/18 12:17:25 | 000,113,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2014/10/18 12:17:25 | 000,098,816 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2014/10/18 12:17:25 | 000,091,648 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2014/10/18 12:17:25 | 000,086,528 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2014/10/18 12:17:25 | 000,085,504 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2014/10/18 12:17:25 | 000,083,456 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2014/10/18 12:17:25 | 000,073,216 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2014/10/18 12:17:24 | 027,918,336 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2014/10/18 12:17:24 | 023,375,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2014/10/18 12:17:24 | 016,750,080 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2014/10/18 12:17:24 | 009,254,184 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2014/10/18 12:17:24 | 007,028,336 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2014/10/18 12:17:24 | 001,113,576 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2014/10/18 12:17:24 | 000,576,000 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2014/10/18 12:17:24 | 000,190,976 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2014/10/18 12:17:24 | 000,146,944 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2014/10/18 12:17:24 | 000,133,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2014/10/18 12:17:24 | 000,100,032 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2014/10/18 12:17:24 | 000,089,088 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2014/10/18 12:17:24 | 000,080,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2014/10/18 12:17:24 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2014/10/18 12:17:24 | 000,075,264 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2014/10/18 12:17:24 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2014/10/18 12:17:24 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2014/10/18 12:17:24 | 000,069,632 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2014/10/18 12:17:24 | 000,062,464 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2014/10/18 12:17:24 | 000,052,224 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2014/10/18 12:17:24 | 000,031,232 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2014/10/18 12:17:23 | 015,716,352 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2014/10/18 12:17:23 | 014,302,208 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2014/10/18 12:17:23 | 000,900,608 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2014/10/18 12:17:23 | 000,367,104 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2014/10/18 12:17:23 | 000,078,432 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2014/10/18 12:17:23 | 000,071,704 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2014/10/18 12:17:23 | 000,065,024 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/10/18 12:17:23 | 000,058,880 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/10/18 12:17:23 | 000,055,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2014/10/18 12:17:23 | 000,049,152 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2014/10/18 12:17:23 | 000,043,520 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2014/10/18 12:17:22 | 033,867,264 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2014/10/18 12:17:22 | 028,770,304 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2014/10/18 12:17:22 | 005,639,168 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2014/10/18 12:17:22 | 004,480,000 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2014/10/18 12:17:22 | 000,048,128 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2014/10/18 12:17:22 | 000,037,888 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2014/10/18 12:17:21 | 005,316,096 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdhsasc64.dll
[2014/10/18 12:17:21 | 004,335,616 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdhsasc.dll
[2014/10/18 12:17:21 | 000,293,088 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2014/10/18 12:17:21 | 000,128,384 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2014/10/18 12:17:21 | 000,118,096 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2014/10/18 12:17:21 | 000,095,744 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2014/10/18 12:17:21 | 000,090,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2014/10/18 12:16:15 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2014/10/18 12:16:13 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/10/18 12:16:12 | 002,834,648 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/10/18 12:16:12 | 001,959,128 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014/10/18 12:16:12 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2014/10/18 12:16:12 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2014/10/18 12:16:12 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2014/10/18 12:16:12 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2014/10/18 12:16:11 | 001,022,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/10/18 12:16:10 | 060,636,160 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2014/10/18 12:16:10 | 002,800,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2014/10/18 12:16:10 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/10/18 12:16:10 | 000,948,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/10/18 12:16:10 | 000,628,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/10/18 12:16:09 | 012,894,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2014/10/18 12:16:09 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2014/10/18 12:16:09 | 003,959,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2014/10/18 12:16:09 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2014/10/18 12:16:09 | 000,956,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2014/10/18 12:16:09 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/10/18 12:16:08 | 028,343,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2014/10/18 12:16:08 | 014,863,448 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/10/18 12:16:08 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/10/18 12:16:08 | 001,934,424 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/10/18 12:16:08 | 001,317,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2014/10/18 12:16:08 | 001,168,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2014/10/18 12:16:08 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2014/10/18 12:16:08 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/10/18 12:16:08 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2014/10/18 12:16:07 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/10/18 12:16:07 | 000,291,488 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2014/10/18 12:16:06 | 006,218,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2014/10/18 12:16:06 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2014/10/18 12:16:06 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2014/10/18 12:16:06 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2014/10/18 12:15:46 | 000,081,608 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2014/10/18 12:15:46 | 000,023,752 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2014/10/18 12:07:51 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2014/10/18 11:37:14 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\uTorrent
[2014/10/17 21:10:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2014/10/17 21:10:26 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Winamp
[2014/10/17 21:10:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2014/10/16 09:22:21 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MrmCoreR.dll
[2014/10/16 09:22:21 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MrmCoreR.dll
[2014/10/16 09:22:18 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winbici.dll
[2014/10/16 09:22:17 | 001,702,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2014/10/16 09:22:17 | 000,839,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2014/10/16 09:22:17 | 000,672,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2014/10/16 09:22:16 | 000,388,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUSettingsProvider.dll
[2014/10/16 09:22:16 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2014/10/16 09:22:16 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2014/10/16 09:22:16 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2014/10/16 09:22:16 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2014/10/16 09:22:16 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2014/10/16 09:22:16 | 000,054,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2014/10/16 09:22:16 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2014/10/16 09:22:16 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2014/10/16 09:22:16 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2014/10/16 09:22:00 | 005,829,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/10/16 09:21:51 | 002,108,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/10/16 09:21:51 | 000,731,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/10/16 09:21:50 | 002,017,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/10/16 09:21:49 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/10/16 09:21:49 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/10/16 09:21:48 | 000,758,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/10/16 09:21:48 | 000,289,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/10/16 09:21:48 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/10/16 09:21:48 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/10/16 09:21:48 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/10/16 09:21:47 | 000,775,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/10/16 09:21:47 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/10/16 09:21:47 | 000,547,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/10/16 09:21:36 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/10/16 09:21:36 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/10/16 09:21:34 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rastls.dll
[2014/10/16 09:21:34 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rastls.dll
[2014/10/16 09:21:27 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Search.dll
[2014/10/16 09:21:25 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Search.dll
[2014/10/16 09:21:24 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/10/16 09:21:24 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/10/16 09:21:24 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SyncEngine.dll
[2014/10/16 09:21:23 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFolder.dll
[2014/10/16 09:21:22 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2014/10/16 09:21:22 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\propsys.dll
[2014/10/16 09:21:22 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/10/16 09:21:21 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/10/16 09:21:21 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/10/16 09:21:19 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wldap32.dll
[2014/10/16 09:21:17 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll
[2014/10/16 09:21:15 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDrive.exe
[2014/10/16 09:21:15 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveTelemetry.dll
[2014/10/16 09:21:15 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2014/10/16 09:21:15 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcsvDevice.dll
[2014/10/16 09:21:15 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bisrv.dll
[2014/10/16 09:21:15 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\httpprxm.dll
[2014/10/16 09:21:14 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ProximityService.dll
[2014/10/16 09:21:14 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SkyDriveShell.dll
[2014/10/16 09:21:14 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SkyDriveShell.dll
[2014/10/16 09:21:14 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/16 09:21:14 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/16 09:21:14 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adhsvc.dll
[2014/10/16 09:21:12 | 000,678,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/16 09:21:12 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/10/16 09:21:11 | 000,527,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/10/16 09:21:08 | 002,779,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/10/16 09:21:07 | 002,646,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/10/16 09:21:05 | 002,321,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/10/11 13:18:38 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\SMIGames
[2014/10/11 11:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Spidla Data Processing, s.r.o
[2014/10/10 19:42:46 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\LG Electronics
[2014/10/05 10:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2014/10/05 10:29:59 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/10/05 10:29:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/10/04 11:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Špidla Data Processing, s.r.o
[2014/10/04 09:29:51 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\Steam
[2014/09/28 10:53:44 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\Wheelman
[2014/09/28 10:53:44 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\PC
[2014/09/27 15:51:46 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\EMU
[2014/09/23 10:58:01 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Vlastní šablony Office
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/10/22 19:47:00 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/10/22 09:46:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/10/22 09:44:43 | 000,000,374 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/10/22 09:44:21 | 383,566,740 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/10/22 09:44:21 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/10/22 09:44:19 | 2575,441,919 | -HS- | M] () -- C:\hiberfil.sys
[2014/10/21 20:57:13 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2014/10/21 20:50:46 | 000,000,008 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/10/21 20:36:25 | 000,000,753 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/10/21 20:35:12 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/10/21 20:22:33 | 001,290,752 | ---- | M] () -- C:\Users\xxx\Desktop\zoek.exe
[2014/10/21 20:14:03 | 000,554,013 | ---- | M] () -- C:\Users\xxx\Documents\Firefox 33.0 (x86 cs) - 2014-10-21.pcv
[2014/10/21 19:33:16 | 000,001,163 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/10/21 19:24:47 | 000,071,478 | ---- | M] () -- C:\Users\xxx\Desktop\bookmarks-2014-10-21.json
[2014/10/21 08:51:29 | 000,096,815 | ---- | M] () -- C:\spyhunter.fix
[2014/10/21 07:35:12 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/20 09:18:40 | 000,001,662 | ---- | M] () -- C:\Users\xxx\Desktop\Angry Birds v3.3.lnk
[2014/10/19 15:00:59 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\The Evil Within.lnk
[2014/10/19 14:28:52 | 000,001,665 | ---- | M] () -- C:\Users\xxx\Desktop\Dark Strokes The Legend of Snow Kingdom. Collector's Edition.lnk
[2014/10/18 13:10:13 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\F1 2014.lnk
[2014/10/18 12:34:39 | 000,874,712 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt630x64.sys
[2014/10/18 12:34:39 | 000,073,800 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2014/10/18 12:17:25 | 007,207,592 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2014/10/18 12:17:25 | 003,471,376 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2014/10/18 12:17:25 | 000,827,392 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_14.30.dll
[2014/10/18 12:17:25 | 000,322,868 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_vi.dat
[2014/10/18 12:17:25 | 000,321,200 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_vi_nd.dat
[2014/10/18 12:17:25 | 000,290,080 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cz_nd.dat
[2014/10/18 12:17:25 | 000,235,008 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2014/10/18 12:17:25 | 000,234,164 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2014/10/18 12:17:25 | 000,232,752 | ---- | M] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2014/10/18 12:17:25 | 000,158,928 | ---- | M] () -- C:\Windows\SysNative\ativce03.dat
[2014/10/18 12:17:25 | 000,144,328 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2014/10/18 12:17:25 | 000,140,240 | ---- | M] () -- C:\Windows\SysNative\samu_krnl_ci.sbin
[2014/10/18 12:17:25 | 000,127,488 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2014/10/18 12:17:25 | 000,126,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2014/10/18 12:17:25 | 000,113,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2014/10/18 12:17:25 | 000,098,816 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2014/10/18 12:17:25 | 000,091,648 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2014/10/18 12:17:25 | 000,086,528 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2014/10/18 12:17:25 | 000,085,504 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2014/10/18 12:17:25 | 000,083,456 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OpenVideo.dll
[2014/10/18 12:17:25 | 000,082,128 | ---- | M] () -- C:\Windows\SysNative\ativce02.dat
[2014/10/18 12:17:25 | 000,073,216 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\OVDecode.dll
[2014/10/18 12:17:25 | 000,046,128 | ---- | M] () -- C:\Windows\SysNative\kapp_ci.sbin
[2014/10/18 12:17:25 | 000,041,936 | ---- | M] () -- C:\Windows\SysNative\kapp_si.sbin
[2014/10/18 12:17:24 | 027,918,336 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2014/10/18 12:17:24 | 023,375,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2014/10/18 12:17:24 | 016,750,080 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2014/10/18 12:17:24 | 015,716,352 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2014/10/18 12:17:24 | 010,826,488 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2014/10/18 12:17:24 | 009,254,184 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2014/10/18 12:17:24 | 008,296,296 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2014/10/18 12:17:24 | 008,044,976 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2014/10/18 12:17:24 | 007,028,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2014/10/18 12:17:24 | 003,437,632 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2014/10/18 12:17:24 | 001,335,544 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2014/10/18 12:17:24 | 001,113,576 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2014/10/18 12:17:24 | 000,734,861 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[2014/10/18 12:17:24 | 000,619,008 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2014/10/18 12:17:24 | 000,576,000 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2014/10/18 12:17:24 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2014/10/18 12:17:24 | 000,239,616 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2014/10/18 12:17:24 | 000,190,976 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2014/10/18 12:17:24 | 000,146,944 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2014/10/18 12:17:24 | 000,133,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2014/10/18 12:17:24 | 000,118,096 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2014/10/18 12:17:24 | 000,100,032 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2014/10/18 12:17:24 | 000,089,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2014/10/18 12:17:24 | 000,080,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2014/10/18 12:17:24 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2014/10/18 12:17:24 | 000,075,264 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2014/10/18 12:17:24 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2014/10/18 12:17:24 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2014/10/18 12:17:24 | 000,069,632 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2014/10/18 12:17:24 | 000,062,464 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2014/10/18 12:17:24 | 000,052,224 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2014/10/18 12:17:24 | 000,031,232 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2014/10/18 12:17:23 | 014,302,208 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2014/10/18 12:17:23 | 001,210,880 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2014/10/18 12:17:23 | 000,900,608 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2014/10/18 12:17:23 | 000,609,272 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/10/18 12:17:23 | 000,609,272 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/10/18 12:17:23 | 000,367,104 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2014/10/18 12:17:23 | 000,078,432 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2014/10/18 12:17:23 | 000,071,704 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2014/10/18 12:17:23 | 000,065,024 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/10/18 12:17:23 | 000,058,880 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/10/18 12:17:23 | 000,055,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2014/10/18 12:17:23 | 000,049,152 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2014/10/18 12:17:23 | 000,043,520 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2014/10/18 12:17:22 | 033,867,264 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2014/10/18 12:17:22 | 028,770,304 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2014/10/18 12:17:22 | 005,639,168 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2014/10/18 12:17:22 | 004,480,000 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2014/10/18 12:17:22 | 000,759,301 | ---- | M] () -- C:\Windows\SysNative\amdicdxx.dat
[2014/10/18 12:17:22 | 000,418,304 | ---- | M] () -- C:\Windows\SysNative\amdmiracast.dll
[2014/10/18 12:17:22 | 000,048,128 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2014/10/18 12:17:22 | 000,037,888 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2014/10/18 12:17:21 | 005,316,096 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdhsasc64.dll
[2014/10/18 12:17:21 | 004,335,616 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdhsasc.dll
[2014/10/18 12:17:21 | 000,293,088 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2014/10/18 12:17:21 | 000,157,224 | ---- | M] () -- C:\Windows\SysNative\amde31a.dat
[2014/10/18 12:17:21 | 000,134,656 | ---- | M] () -- C:\Windows\SysNative\amdhdl64.dll
[2014/10/18 12:17:21 | 000,128,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2014/10/18 12:17:21 | 000,123,392 | ---- | M] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014/10/18 12:17:21 | 000,118,096 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2014/10/18 12:17:21 | 000,095,744 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2014/10/18 12:17:21 | 000,090,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2014/10/18 12:16:15 | 002,162,992 | ---- | M] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2014/10/18 12:16:13 | 002,117,424 | ---- | M] () -- C:\Windows\SysNative\SStudio.dll
[2014/10/18 12:16:13 | 002,101,848 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/10/18 12:16:12 | 005,804,772 | ---- | M] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/10/18 12:16:12 | 002,834,648 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2014/10/18 12:16:12 | 001,959,128 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2014/10/18 12:16:12 | 001,048,824 | ---- | M] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2014/10/18 12:16:12 | 000,889,592 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2014/10/18 12:16:12 | 000,724,728 | ---- | M] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2014/10/18 12:16:12 | 000,246,008 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2014/10/18 12:16:11 | 001,022,168 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/10/18 12:16:10 | 060,636,160 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2014/10/18 12:16:10 | 002,800,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RltkAPO64.dll
[2014/10/18 12:16:10 | 001,286,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/10/18 12:16:10 | 001,099,203 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/10/18 12:16:10 | 000,948,952 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/10/18 12:16:10 | 000,628,952 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/10/18 12:16:09 | 028,343,384 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2014/10/18 12:16:09 | 012,894,808 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2014/10/18 12:16:09 | 005,751,048 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2014/10/18 12:16:09 | 003,959,384 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2014/10/18 12:16:09 | 001,313,904 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2014/10/18 12:16:09 | 000,956,504 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2014/10/18 12:16:09 | 000,942,384 | ---- | M] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/10/18 12:16:08 | 014,863,448 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/10/18 12:16:08 | 002,041,432 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/10/18 12:16:08 | 001,934,424 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/10/18 12:16:08 | 001,317,976 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2014/10/18 12:16:08 | 001,168,472 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2014/10/18 12:16:08 | 001,136,728 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2014/10/18 12:16:08 | 001,063,512 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/10/18 12:16:08 | 000,900,696 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2014/10/18 12:16:07 | 002,770,976 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/10/18 12:16:07 | 000,291,488 | ---- | M] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2014/10/18 12:16:06 | 006,218,072 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2014/10/18 12:16:06 | 001,939,800 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2014/10/18 12:16:06 | 000,315,736 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2014/10/18 12:16:06 | 000,261,464 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2014/10/18 12:16:06 | 000,033,592 | ---- | M] () -- C:\Windows\SysNative\audioLibVc.dll
[2014/10/18 12:15:46 | 000,081,608 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_sata.sys
[2014/10/18 12:15:46 | 000,023,752 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amd_xata.sys
[2014/10/18 11:37:25 | 000,000,976 | ---- | M] () -- C:\Users\xxx\Desktop\µTorrent.lnk
[2014/10/17 21:10:47 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2014/10/16 15:11:23 | 004,973,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/10/14 18:36:28 | 001,745,984 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/10/14 18:36:28 | 000,738,682 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/10/14 18:36:28 | 000,722,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/10/14 18:36:28 | 000,151,404 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/10/14 18:36:28 | 000,135,394 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/10/10 00:16:51 | 000,678,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/10/09 00:09:34 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/09/30 00:45:58 | 000,706,016 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/09/30 00:45:58 | 000,105,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/09/26 00:46:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/09/26 00:32:04 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/09/26 00:31:02 | 002,108,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

zdenek21 · #27 Příspěvek od **zdenek21** » 22 říj 2014 19:19

[2014/10/22 09:25:05 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/10/21 20:45:48 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/10/21 20:36:25 | 000,000,753 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/10/21 20:31:34 | 000,000,374 | ---- | C] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2014/10/21 20:22:06 | 001,290,752 | ---- | C] () -- C:\Users\xxx\Desktop\zoek.exe
[2014/10/21 20:14:03 | 000,554,013 | ---- | C] () -- C:\Users\xxx\Documents\Firefox 33.0 (x86 cs) - 2014-10-21.pcv
[2014/10/21 19:33:16 | 000,001,163 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/10/21 19:24:46 | 000,071,478 | ---- | C] () -- C:\Users\xxx\Desktop\bookmarks-2014-10-21.json
[2014/10/21 09:45:43 | 383,566,740 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/10/21 08:56:06 | 2575,441,919 | -HS- | C] () -- C:\hiberfil.sys
[2014/10/21 08:51:29 | 000,285,747 | ---- | C] () -- C:\shldr
[2014/10/21 08:51:29 | 000,096,815 | ---- | C] () -- C:\spyhunter.fix
[2014/10/21 08:51:29 | 000,008,192 | ---- | C] () -- C:\shldr.mbr
[2014/10/21 07:35:12 | 000,000,834 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/10/20 09:18:40 | 000,001,662 | ---- | C] () -- C:\Users\xxx\Desktop\Angry Birds v3.3.lnk
[2014/10/19 15:00:59 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\The Evil Within.lnk
[2014/10/19 14:28:52 | 000,001,665 | ---- | C] () -- C:\Users\xxx\Desktop\Dark Strokes The Legend of Snow Kingdom. Collector's Edition.lnk
[2014/10/18 13:10:13 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\F1 2014.lnk
[2014/10/18 12:17:25 | 000,322,868 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_vi.dat
[2014/10/18 12:17:25 | 000,321,200 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_vi_nd.dat
[2014/10/18 12:17:25 | 000,290,080 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cz_nd.dat
[2014/10/18 12:17:25 | 000,235,008 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2014/10/18 12:17:25 | 000,234,164 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2014/10/18 12:17:25 | 000,232,752 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2014/10/18 12:17:25 | 000,158,928 | ---- | C] () -- C:\Windows\SysNative\ativce03.dat
[2014/10/18 12:17:25 | 000,140,240 | ---- | C] () -- C:\Windows\SysNative\samu_krnl_ci.sbin
[2014/10/18 12:17:25 | 000,082,128 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2014/10/18 12:17:25 | 000,046,128 | ---- | C] () -- C:\Windows\SysNative\kapp_ci.sbin
[2014/10/18 12:17:25 | 000,041,936 | ---- | C] () -- C:\Windows\SysNative\kapp_si.sbin
[2014/10/18 12:17:24 | 003,471,376 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2014/10/18 12:17:24 | 003,437,632 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2014/10/18 12:17:24 | 000,734,861 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2014/10/18 12:17:23 | 000,609,272 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2014/10/18 12:17:23 | 000,609,272 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2014/10/18 12:17:22 | 000,759,301 | ---- | C] () -- C:\Windows\SysNative\amdicdxx.dat
[2014/10/18 12:17:22 | 000,418,304 | ---- | C] () -- C:\Windows\SysNative\amdmiracast.dll
[2014/10/18 12:17:21 | 000,157,224 | ---- | C] () -- C:\Windows\SysNative\amde31a.dat
[2014/10/18 12:17:21 | 000,134,656 | ---- | C] () -- C:\Windows\SysNative\amdhdl64.dll
[2014/10/18 12:17:21 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014/10/18 12:16:13 | 002,117,424 | ---- | C] () -- C:\Windows\SysNative\SStudio.dll
[2014/10/18 12:16:12 | 005,804,772 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/10/18 12:16:10 | 001,099,203 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/10/18 12:16:06 | 000,033,592 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2014/10/18 11:37:25 | 000,000,976 | ---- | C] () -- C:\Users\xxx\Desktop\µTorrent.lnk
[2014/10/17 21:10:47 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2014/10/16 09:21:14 | 000,388,729 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/10/09 20:54:14 | 000,014,232 | ---- | C] () -- C:\Windows\SysWow64\sh4native.exe
[2014/09/20 19:08:53 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/09/03 22:15:46 | 000,004,608 | ---- | C] () -- C:\Windows\SECOH-QAD.exe
[2014/09/03 22:15:46 | 000,003,584 | ---- | C] () -- C:\Windows\SECOH-QAD.dll
[2014/08/30 11:31:28 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2014/08/06 20:23:28 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/07/24 19:09:52 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/07/24 19:06:58 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/07/24 19:06:01 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/07/24 19:06:01 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/07/24 19:06:01 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2014/07/24 19:06:00 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/07/24 19:06:00 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/04/17 21:54:28 | 000,242,688 | ---- | C] () -- C:\Windows\SysWow64\amdacpusl.dll
[2014/02/26 16:56:13 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 05:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2014/08/05 21:30:28 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/16 06:08:41 | 021,195,616 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/16 05:16:40 | 018,722,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/10/20 15:37:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AMD
[2014/09/12 19:32:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Artifex Mundi
[2014/08/09 08:25:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dango
[2014/09/03 09:23:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DiskDefrag
[2014/09/07 18:37:34 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Doublefine
[2014/09/18 08:53:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GameCartel
[2014/10/09 20:10:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GHISLER
[2014/09/03 22:30:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GlarySoft
[2014/10/20 15:37:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Rovio
[2014/08/06 22:12:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Seznam.cz
[2014/10/11 13:18:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\SMIGames
[2014/09/07 18:36:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\SpinTires
[2014/10/09 20:06:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Steam
[2014/08/06 08:38:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Unity
[2014/10/22 17:03:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\uTorrent
[2014/08/16 19:34:33 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Wargaming.net

========== Purity Check ==========

========== Custom Scans ==========

< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

< >

< MD5 for: AGP440.SYS >
[2014/08/13 10:22:54 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\drivers\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\AGP440.sys
[2013/08/22 14:43:40 | 000,062,304 | ---- | M] (Microsoft Corporation) MD5=7DFAEBA9AD62D20102B576D5CAC45EC8 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\AGP440.sys
[2014/08/19 09:09:16 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\AGP440.sys

< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2014/08/13 10:27:22 | 000,028,249 | ---- | M] () MD5=0CBDE27FB26761852F7B22AFB8C51ACB -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_d2b24d5495b82963\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/02/22 13:24:36 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\SysNative\autochk.exe
[2014/02/22 14:17:06 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
[2014/08/13 12:25:22 | 000,023,596 | ---- | M] () MD5=83A4C9BE342BC296EC09492FF7594F13 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.16384_none_7693b1d0dd5ab82d\autochk.exe

< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\SysNative\cryptsvc.dll
[2013/08/22 12:01:39 | 000,129,536 | ---- | M] (Microsoft Corporation) MD5=0EFE4B5884A8032617826A4D76F80969 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.3.9600.16384_none_66bdf96f6ec6545d\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2014/08/23 09:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\SysWOW64\explorer.exe
[2014/08/23 09:13:24 | 002,084,520 | ---- | M] (Microsoft Corporation) MD5=195822ACCDAA2B4815DD01BAFC335595 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2014/08/13 10:39:27 | 000,336,576 | ---- | M] () MD5=201E2AB1C87503398EFAE7D32AF29FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4273071d4db37533\explorer.exe
[2014/10/21 07:49:38 | 000,270,774 | ---- | M] () MD5=2195687491E604BA42961470EDA7660E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_42acff334d876b54\explorer.exe
[2014/10/21 10:02:05 | 000,220,250 | ---- | M] () MD5=286928E00AD34E9F88EB5BFA52660A70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17238_none_4d01a98581e82d4f\explorer.exe
[2014/08/13 11:52:17 | 000,015,546 | ---- | M] () MD5=347EFF7EC89C3EB4F72F2408E1C4E16D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_4cfaa3b381ee81a0\explorer.exe
[2014/08/13 11:52:13 | 000,238,918 | ---- | M] () MD5=5177BB4FECDDB9CDBCF10EF65916968D -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_4ceff22781f6788c\explorer.exe
[2014/08/13 11:52:04 | 000,268,164 | ---- | M] () MD5=578A251C234E51BC6B9D684480EEB9DB -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16384_none_4cc7b16f8214372e\explorer.exe
[2014/10/21 07:49:36 | 000,271,249 | ---- | M] () MD5=667BC926C7CB889BF276A5FEA316CAEE -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_42adfbb14d868a5d\explorer.exe
[2014/08/13 10:39:35 | 000,169,957 | ---- | M] () MD5=6D919C26DCB567396CD2E119B8E4310E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17031_none_42a5f9614d8dbfa5\explorer.exe
[2014/08/13 11:52:08 | 000,239,123 | ---- | M] () MD5=7B546CB045C2A84D26A8D2FE07F9F98C -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_4d2233dd81cfba29\explorer.exe
[2014/08/23 09:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\explorer.exe
[2014/08/23 09:48:28 | 002,374,784 | ---- | M] (Microsoft Corporation) MD5=ACDBE1ED38167C8B01B8F63161BB2CEA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2014/10/21 10:02:01 | 000,208,662 | ---- | M] () MD5=C131BC6F12417306A9C8469CA49110B1 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17039_none_4d02a60381e74c58\explorer.exe
[2014/08/13 10:39:30 | 000,284,534 | ---- | M] () MD5=D1EF5DE70183FB717B5FC4593A0E46BD -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16408_none_42cd898b4d6ef82e\explorer.exe
[2014/08/13 10:39:33 | 000,283,735 | ---- | M] () MD5=FA98C5D746E7C9E0912E88AC44FF9926 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.16441_none_429b47d54d95b691\explorer.exe

< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/08/13 10:42:00 | 000,067,721 | ---- | M] () MD5=234E14D7027BBA787712CE71422E8FC9 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16384_none_9be752af2da13dc9\hal.dll
[2014/08/19 09:13:45 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
[2014/08/13 10:42:00 | 000,066,982 | ---- | M] () MD5=B940921BC888E9EE5E51D4B56970669B -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16408_none_9c41d51d2d5cc0c4\hal.dll
[2014/08/13 10:42:01 | 000,066,843 | ---- | M] () MD5=D714202F057A317C8E31776EBEA0AEA2 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.16500_none_9c39d4b32d63f333\hal.dll

< MD5 for: IASTORV.SYS >
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_5069105fb236ae4b\iaStorV.sys
[2013/08/22 14:43:45 | 000,412,000 | ---- | M] (Intel Corporation) MD5=A2200C3033FA4EF249FC096A7A7D02A2 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.3.9600.16384_none_9fcfb2835bbf0103\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2014/08/13 10:22:54 | 000,000,012 | ---- | M] () MD5=06C6E29A8643D00197E214F3AA26A4B9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.16384_none_aad14d4692a7dfee\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\drivers\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_36be84f8fc597ea3\isapnp.sys
[2013/08/22 14:43:45 | 000,021,856 | ---- | M] (Microsoft Corporation) MD5=8AFEEA3955AA43616A60F133B1D25F21 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17238_none_ab0b455c927bd60f\isapnp.sys
[2014/08/19 09:09:16 | 000,000,012 | ---- | M] () MD5=AC26F500DB64617F336315BB5A0FDBE1 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.3.9600.17031_none_ab043f8a92822a60\isapnp.sys

< MD5 for: LSASS.EXE >
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\SysNative\lsass.exe
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16384_none_2e2a01a866456d93\lsass.exe
[2013/08/22 15:25:35 | 000,045,008 | ---- | M] (Microsoft Corporation) MD5=F6F209DDB94959BA104FC8FC87C53759 -- C:\Windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.3.9600.16408_none_2e8484166600f08e\lsass.exe

< MD5 for: NDIS.SYS >
[2014/08/13 11:00:52 | 000,144,548 | ---- | M] () MD5=6FF1A14DC17A19F68C45B759E57F8F54 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16405_none_4a6b5fcffbc14927\ndis.sys
[2014/08/13 11:00:55 | 000,140,607 | ---- | M] () MD5=7B886741BDAE33AC4F116DF991D1E3CB -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16475_none_4a1fb05bfbfa0cbe\ndis.sys
[2014/08/13 11:00:51 | 000,141,699 | ---- | M] () MD5=975B2A08EFF9250B2504C01C77993ECC -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16384_none_4a13de3ffc031231\ndis.sys
[2014/08/13 11:00:54 | 000,139,631 | ---- | M] () MD5=A4F977473222918A2BD275FB72DC4816 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.16408_none_4a6e60adfbbe952c\ndis.sys
[2014/08/19 09:18:05 | 000,025,682 | ---- | M] () MD5=D2D6A481A75207BF24E9D48C61B7F012 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17031_none_4a46d083fbdd5ca3\ndis.sys
[2014/06/05 16:00:18 | 001,118,040 | ---- | M] (Microsoft Corporation) MD5=E4B4BE2D7750849C07589DA0B0AABA01 -- C:\Windows\SysNative\drivers\ndis.sys
[2014/06/05 16:00:18 | 001,118,040 | ---- | M] (Microsoft Corporation) MD5=E4B4BE2D7750849C07589DA0B0AABA01 -- C:\Windows\WinSxS\amd64_microsoft-windows-ndis-minwin_31bf3856ad364e35_6.3.9600.17199_none_4a0df531fc06cc28\ndis.sys

< MD5 for: NETLOGON.DLL >
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\SysNative\netlogon.dll
[2014/03/06 09:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) MD5=2468C21E34C49E4735B4BA430D448E91 -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_ee9e39a60bd3552e\netlogon.dll
[2014/08/13 12:09:19 | 000,058,552 | ---- | M] () MD5=35048C9600694C3BF01D644D1AAE62BE -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_f8cac1a04051b0c6\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\SysWOW64\netlogon.dll
[2014/03/06 08:29:17 | 000,688,640 | ---- | M] (Microsoft Corporation) MD5=582918F96C2B7E1E3AE17D08DB6DAC41 -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.17041_none_f8f2e3f840341729\netlogon.dll
[2014/08/13 11:08:41 | 000,108,975 | ---- | M] () MD5=D817ED82C2A0E1CED9B396826F52F7CB -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.3.9600.16384_none_ee76174e0bf0eecb\netlogon.dll

< MD5 for: NVRAID.SYS >
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\drivers\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvraid.sys
[2013/08/22 14:43:31 | 000,150,368 | ---- | M] (NVIDIA Corporation) MD5=BC6B5942AFF25EBAF62DE43C3807EDF8 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\drivers\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2013/08/22 14:43:32 | 000,168,288 | ---- | M] (NVIDIA Corporation) MD5=1F43ABFFAC3D6CA356851D517392966E -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.3.9600.16384_none_2a99233292f5aadb\nvstor.sys

< MD5 for: SCECLI.DLL >
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\SysWOW64\scecli.dll
[2013/08/22 04:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) MD5=1F142D5BD1C3869C5D902779B6FEC3EF -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\SysNative\scecli.dll
[2013/08/22 11:55:43 | 000,271,360 | ---- | M] (Microsoft Corporation) MD5=1F1B8D07708E40E54C55B392C78ECCE2 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll

< MD5 for: SMSS.EXE >
[2014/08/13 11:15:43 | 000,019,120 | ---- | M] () MD5=5FBA1F5F9AA1E09595F015118AE83A36 -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.16384_none_6f1f364dbcc273d3\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\SysNative\smss.exe
[2014/02/22 17:43:03 | 000,142,576 | ---- | M] (Microsoft Corporation) MD5=D8564418BAC13776E43DB5F6B4FA775E -- C:\Windows\WinSxS\amd64_microsoft-windows-smss-minwin_31bf3856ad364e35_6.3.9600.17031_none_6f522891bc9cbe45\smss.exe

< MD5 for: SVCHOST.EXE >
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\SysWOW64\svchost.exe
[2013/08/22 07:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation) MD5=425E22D9F5C01616AFC92987791B19E9 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\SysNative\svchost.exe
[2013/08/22 14:45:17 | 000,037,768 | ---- | M] (Microsoft Corporation) MD5=E4CA434F251681590D0538BC21C32D2F -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe

< MD5 for: TCPIP.SYS >
[2014/09/25 17:50:31 | 000,488,557 | ---- | M] () MD5=3A5576657B889412A5770B02E448C949 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16456_none_a3fee49b3a43236c\tcpip.sys
[2014/09/25 17:50:23 | 000,490,329 | ---- | M] () MD5=3C2894C572C9DEB4DAB23404EFFAA74A -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16408_none_a436f4cb3a18ca65\tcpip.sys
[2014/09/25 17:50:20 | 000,483,867 | ---- | M] () MD5=588D45CC710A05963026FEEAD49E5269 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16384_none_a3dc725d3a5d476a\tcpip.sys
[2014/10/21 09:58:12 | 000,445,111 | ---- | M] () MD5=5F46548648648BE21060C8DED2B56238 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/09/25 17:50:35 | 000,484,418 | ---- | M] () MD5=6BEACE72D3AD3A7B766930C42D62E080 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16521_none_a41a54d33a2f4e0d\tcpip.sys
[2014/08/16 05:57:37 | 002,498,880 | ---- | M] (Microsoft Corporation) MD5=87F3713E620F62D243A82B3CB66CBDDE -- C:\Windows\SysNative\drivers\tcpip.sys
[2014/08/16 05:57:37 | 002,498,880 | ---- | M] (Microsoft Corporation) MD5=87F3713E620F62D243A82B3CB66CBDDE -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
[2014/09/25 17:50:38 | 000,254,700 | ---- | M] () MD5=8B15952BE4FB7CF329EC3437A7EC4828 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17039_none_a41766f13a305c94\tcpip.sys
[2014/08/19 09:21:23 | 000,242,003 | ---- | M] () MD5=90511DE4535E8829764B1E1E220F56DB -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/08/19 09:21:16 | 000,245,652 | ---- | M] () MD5=A8B51EB7721B9B20DAFE48577EC3EF1B -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17085_none_a3dd562d3a5c82ed\tcpip.sys
[2014/09/25 17:50:27 | 000,491,038 | ---- | M] () MD5=BC02B0760EE585222FD38EE7CFCADC07 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.16423_none_a41c53813a2d8394\tcpip.sys

< MD5 for: USERINIT.EXE >
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\SysNative\userinit.exe
[2013/08/22 12:03:12 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=08C191B2917862BE90C33E31CB6B6D79 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\SysWOW64\userinit.exe
[2013/08/22 04:54:12 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=41636F77AD6D9A396EA34E4786B96F2B -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe

< MD5 for: WINLOGON.EXE >
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\SysNative\winlogon.exe
[2014/02/22 11:45:48 | 000,562,176 | ---- | M] (Microsoft Corporation) MD5=306EB21E5B480AE9065EA55AC8C35936 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/08/13 11:27:42 | 000,089,459 | ---- | M] () MD5=E40DC8DF924E02F04F3620DBAC1ACE31 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.16384_none_60816121a8e88269\winlogon.exe

< MD5 for: WS2_32.DLL >
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\SysWOW64\ws2_32.dll
[2013/08/22 07:17:54 | 000,313,488 | ---- | M] (Microsoft Corporation) MD5=428AF7FA03FF09CE1CD373ABFEBAD8A3 -- C:\Windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_87577549e9ef9b02\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\SysNative\ws2_32.dll
[2013/08/22 15:25:35 | 000,355,872 | ---- | M] (Microsoft Corporation) MD5=6F997D98C6A30D79C622811FBAB9119E -- C:\Windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.3.9600.16384_none_e37610cda24d0c38\ws2_32.dll

< >

< %systemroot%*.* /U /s >
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[17 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Panther\*.tmp files -> C:\Windows\Panther\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2014/10/21 07:56:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Adobe
[2014/10/20 15:37:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AMD
[2014/09/12 19:32:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Artifex Mundi
[2014/08/05 18:14:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ATI
[2014/08/09 08:25:18 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dango
[2014/09/03 09:23:46 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DiskDefrag
[2014/09/07 18:37:34 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Doublefine
[2014/08/30 13:40:37 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\dvdcss
[2014/09/18 08:53:20 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GameCartel
[2014/10/09 20:10:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GHISLER
[2014/09/03 22:30:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GlarySoft
[2014/08/05 18:41:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Macromedia
[2014/09/18 08:25:47 | 000,000,000 | --SD | M] -- C:\Users\xxx\AppData\Roaming\Microsoft
[2014/10/21 19:33:26 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mozilla
[2014/08/24 19:00:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nero
[2014/10/20 15:37:29 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Rovio
[2014/08/06 22:12:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Seznam.cz
[2014/10/11 13:18:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\SMIGames
[2014/09/07 18:36:06 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\SpinTires
[2014/10/09 20:06:57 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Steam
[2014/08/06 08:38:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Unity
[2014/10/22 17:03:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\uTorrent
[2014/10/18 13:13:39 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\vlc
[2014/08/16 19:34:33 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Wargaming.net
[2014/10/17 21:18:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Winamp
[2014/08/05 21:18:04 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2014/09/17 19:02:18 | 000,010,134 | R--- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2014/08/09 14:41:06 | 000,786,492 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
[2014/08/09 14:41:09 | 015,823,872 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
[2014/08/09 14:41:07 | 000,107,008 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
[2014/04/14 00:00:00 | 000,042,496 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\uTorrent\uninstall.exe
[2014/04/14 00:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"uTorrent" = "C:\Users\xxx\AppData\Roaming\uTorrent\utorrent.exe" -- [2014/04/14 00:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014/09/25 16:45:06 | 006,480,664 | ---- | M] (Piriform Ltd)

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< >

< type c:\boot.ini >> test.txt /c >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2014/10/22 19:47:00 | 000,000,512 | ---- | M] () MD5=024C03B9DA5D24104A56741BD7708ECB -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014/10/05 10:25:11 | 000,012,882 | ---- | M] () -- \Users\xxx\Desktop\torrent\AVG PC TuneUp 2014 Multilingual + Crack.torrent
[2014/10/19 14:06:43 | 005,919,744 | ---- | M] () -- \Users\xxx\Downloads\Panoptikon\Crack - Aktivator-Alawar\All of Alawar's games Cracker v1.exe
[2014/10/19 14:05:13 | 000,000,411 | ---- | M] () -- \Users\xxx\Downloads\Panoptikon\Crack - Aktivator-Alawar\Návod na plnou verzi ( All of Alawar's games Cracker v1) - ČTI MĚ!!!!.txt
[2014/09/11 19:39:47 | 005,919,744 | ---- | M] () -- \Users\xxx\Downloads\Tajemná pohlazení - Legenda o sněžném království SE\Crack - Aktivator-Alawar\All of Alawar's games Cracker v1.exe
[2014/09/11 19:35:02 | 000,000,411 | ---- | M] () -- \Users\xxx\Downloads\Tajemná pohlazení - Legenda o sněžném království SE\Crack - Aktivator-Alawar\Návod na plnou verzi ( All of Alawar's games Cracker v1) - ČTI MĚ!!!!.txt

< *keygen* /s >
[2014/10/12 14:18:14 | 000,106,305 | ---- | M] () -- \Programy\Winamp PRO 5.666 Build 3510 Final (CZ)\KEYGEN-FFF.rar

< *AntiWPA* /s >

< *loader* /s >
[2013/09/03 12:19:28 | 000,000,768 | ---- | M] () -- \Games\Angry Birds v3.3\data\scripts_common\subsystems\loader.lua
[2009/03/12 22:12:20 | 005,114,880 | ---- | M] () -- \hudba\03-DAVE DARELL _ Freeloader (Spencer & Hill Radio Version)_NEW.mp3
[2007/01/08 15:10:28 | 004,507,648 | ---- | M] () -- \hudba\2005\Freeloaders feat. The Real Thing - So Much Love To Give.mp3
[2010/08/09 14:22:04 | 019,737,682 | ---- | M] () -- \hudba\Videoklipy\Dave Darrel - Freeloader Rob Mayth FX Bootleg Edit Official music video.avi
[2014/10/15 23:23:59 | 000,001,924 | ---- | M] () -- \Program Files (x86)\F1 2014\ai\track_statistics_loader.xml
[2014/10/15 23:23:59 | 000,000,115 | ---- | M] () -- \Program Files (x86)\F1 2014\audio\audio_loader.xml
[2014/10/15 23:24:04 | 000,000,342 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\garage_loader.xml
[2014/10/15 23:24:04 | 000,001,042 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\paddock_gameloader.xml
[2014/10/15 23:24:04 | 000,000,645 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\paddock_loader.xml
[2014/10/15 23:24:04 | 000,001,986 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader.xml
[2014/10/15 23:24:04 | 000,001,832 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_gaqa.xml
[2014/10/15 23:24:04 | 000,001,830 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_gara.xml
[2014/10/15 23:24:04 | 000,001,831 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_gate.xml
[2014/10/15 23:24:04 | 000,001,807 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_gate_nt.xml
[2014/10/15 23:24:04 | 000,001,832 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_gawc.xml
[2014/10/15 23:24:04 | 000,002,060 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_pfqa.xml
[2014/10/15 23:24:04 | 000,002,060 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_pfra.xml
[2014/10/15 23:24:04 | 000,002,058 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\parcferme_loader_pfwc.xml
[2014/10/15 23:24:04 | 000,000,629 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\pitstop_loader.xml
[2014/10/15 23:24:04 | 000,000,722 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\race_marshal_loader.xml
[2014/10/15 23:24:04 | 000,001,587 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\trackside_garage_loader.xml
[2014/10/15 23:24:04 | 000,001,578 | ---- | M] () -- \Program Files (x86)\F1 2014\scenes\trackside_garage_reloader.xml
[2014/10/15 23:24:04 | 000,000,149 | ---- | M] () -- \Program Files (x86)\F1 2014\system\osd_loader.xml
[2009/05/31 03:21:00 | 000,071,008 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2009/05/31 03:21:00 | 000,073,568 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014/08/06 21:49:12 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.212_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2013/08/23 00:11:07 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2013/08/23 00:11:07 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2013/08/23 00:11:07 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2013/08/23 00:13:59 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/08/27 22:41:31 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2013/07/16 14:02:36 | 000,000,232 | ---- | M] () -- \ProgramData\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2013/07/16 14:02:36 | 000,000,232 | ---- | M] () -- \Users\All Users\Nero\Nero 10\OnlineServices\NOSWebConfig\MySpace\uploadError.xml
[2014/07/23 13:29:08 | 000,044,112 | ---- | M] () -- \Users\xxx\AppData\Local\AviraResume\avwebloader.dll
[2014/07/23 13:29:08 | 000,494,672 | ---- | M] () -- \Users\xxx\AppData\Local\AviraResume\avwebloader.exe
[2014/07/23 13:29:08 | 000,192,592 | ---- | M] () -- \Users\xxx\AppData\Local\AviraResume\avwebloadergui.dll
[2011/07/02 22:52:58 | 000,121,344 | ---- | M] () -- \Users\xxx\Downloads\Ekura(1)\Ekura\m2PythonLoader.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/08/13 10:23:07 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/08/13 10:23:06 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/08/13 10:23:12 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/08/13 10:23:11 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/08/13 10:23:17 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/08/13 10:23:16 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2013/08/22 13:21:30 | 000,046,592 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/08/06 21:15:41 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2014/08/13 12:52:39 | 000,009,588 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.efi.mui_35ee487d
[2014/08/13 12:52:39 | 000,009,604 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winload.exe.mui_3bc5b827
[2014/08/13 12:52:39 | 000,007,885 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.efi.mui_f412814e
[2014/08/13 12:52:39 | 000,007,900 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb_winresume.exe.mui_ff8b5358
[2014/08/14 21:17:26 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/08/19 09:44:43 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/08/19 09:44:44 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/08/19 09:44:46 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/08/19 09:44:47 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2013/08/23 00:06:47 | 000,000,463 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_2400ceb4d1008089.manifest
[2014/08/06 19:16:44 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_cs-cz_2433c0f8d0dacafb.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2014/02/26 16:36:24 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16411_none_4c2dcab94067d447.manifest
[2014/02/26 16:48:58 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16452_none_4c038b5340875d62.manifest
[2014/08/06 19:16:46 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/08/14 19:45:11 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2013/08/22 05:55:19 | 000,036,352 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll

< *minodlogin* /s >

< *tnod* /s >

< *AutoKMS* /s >

< *activator* /s >
[2014/09/18 08:21:36 | 000,000,691 | ---- | M] () -- \Users\xxx\AppData\Local\TuneUp Software\TuneUp Utilities 2014\Log\ProgramDeactivator.log

< *serial* /s >
[2014/05/13 23:17:02 | 000,434,368 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/08/14 20:06:14 | 001,164,288 | ---- | M] () -- \Program Files (x86)\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2013/06/11 09:40:28 | 000,248,144 | ---- | M] () -- \Program Files (x86)\Nero\Nero Blu-ray Player\boost_serialization-mt.dll
[2013/06/11 09:40:28 | 000,167,760 | ---- | M] () -- \Program Files (x86)\Nero\Nero Blu-ray Player\boost_wserialization-mt.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Program Files (x86)\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2014/09/16 13:52:50 | 000,167,592 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.BackEnd.XmlSerializers.dll
[2014/09/16 13:52:50 | 000,210,088 | ---- | M] () -- \Program Files\Microsoft Office\Office15\ADDINS\PowerPivot Excel Add-in\Microsoft.AnalysisServices.Excel.Common.FrontEnd.XmlSerializers.dll
[2014/05/13 23:48:16 | 000,434,368 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.dll
[2014/08/14 20:06:37 | 001,546,240 | ---- | M] () -- \Program Files\Microsoft Silverlight\5.1.30514.0\System.Runtime.Serialization.ni.dll
[2014/07/09 03:45:33 | 000,847,872 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2013/08/23 00:07:45 | 000,090,112 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\cs\System.RunTime.Serialization.Resources.dll
[2014/10/12 14:18:14 | 000,000,051 | ---- | M] () -- \Programy\Winamp PRO 5.666 Build 3510 Final (CZ)\Serial.txt
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\2.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/23 00:07:45 | 000,090,112 | ---- | M] () -- \Windows\assembly\GAC_MSIL\system.runtime.serialization.resources\3.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.Resources.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2014/10/16 18:19:11 | 002,803,200 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll
[2014/10/16 18:19:11 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\ab763e7f2c7532e9fe8f587995105156\System.Runtime.Serialization.ni.dll.aux
[2014/10/19 11:25:13 | 000,366,080 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\c2607e5e30faa9f137b103acde244fdf\System.Runtime.Serialization.Formatters.Soap.ni.dll
[2014/10/19 11:25:13 | 000,000,440 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runt9064068c#\c2607e5e30faa9f137b103acde244fdf\System.Runtime.Serialization.Formatters.Soap.ni.dll.aux
[2014/10/16 18:21:15 | 003,529,216 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\769339283c5376245c011d81ce725abd\System.Runtime.Serialization.ni.dll
[2014/10/16 18:21:15 | 000,000,980 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\769339283c5376245c011d81ce725abd\System.Runtime.Serialization.ni.dll.aux
[2013/08/22 17:32:39 | 000,001,032 | ---- | M] () -- \Windows\Inf\c_multiportserial.inf
[2012/10/01 20:36:32 | 000,166,864 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\AS_Client_BackEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2012/10/01 20:36:32 | 000,209,360 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005119110000000100000000F01FEC\15.0.4420\AS_Client_Common_FrontEnd_XmlSerializers_dll_64.47B66533_5246_4BD8_8040_12B3E5660DA4
[2013/08/23 00:07:47 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap.resources\v4.0_4.0.0.0_cs_b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Json\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Primitives\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Primitives.dll
[2014/06/05 05:33:14 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.RunTime.Serialization.resources\v4.0_4.0.0.0_cs_b77a5c561934e089\System.RunTime.Serialization.resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Xml\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Xml.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.XmlSerializer\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Xml.XmlSerializer.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/07/09 03:45:07 | 000,970,752 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/08/23 00:07:47 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/05 05:33:14 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v2.0.50727\cs\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/07/09 03:45:34 | 000,847,872 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
[2014/07/24 05:20:21 | 001,059,536 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Primitives.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Runtime.Serialization.Xml.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\System.Xml.XmlSerializer.dll
[2013/08/23 00:07:46 | 000,027,920 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/06/05 05:33:14 | 000,113,952 | ---- | M] () -- \Windows\Microsoft.NET\Framework64\v4.0.30319\cs\System.RunTime.Serialization.resources.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 21:40:12 | 000,000,781 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.mum
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/22 08:47:48 | 000,000,511 | ---- | M] () -- \Windows\servicing\Packages\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.mum
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\System32\serialui.dll
[2013/08/22 22:12:22 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~cs-CZ~6.3.9600.16384.cat
[2013/08/22 14:55:01 | 000,008,827 | ---- | M] () -- \Windows\System32\catroot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Serial-UartClass-package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat
[2013/08/23 00:07:32 | 000,005,120 | ---- | M] () -- \Windows\System32\cs-CZ\serialui.dll.mui
[2013/08/23 00:07:23 | 000,000,232 | ---- | M] () -- \Windows\System32\DriverStore\en-US\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\c_multiportserial.inf_amd64_7875073d426d59a6\c_multiportserial.inf
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\System32\DriverStore\FileRepository\msports.inf_amd64_1be60ad3a61e5531\serial.sys
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\SysWOW64\serialui.dll
[2013/08/23 00:07:32 | 000,005,120 | ---- | M] () -- \Windows\SysWOW64\cs-CZ\serialui.dll.mui
[2013/08/23 00:07:23 | 000,000,232 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb\c_multiportserial.inf_loc
[2013/08/22 08:57:38 | 000,001,032 | ---- | M] () -- \Windows\WinSxS\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff\c_multiportserial.inf
[2014/08/19 09:17:58 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b0eacafe7f4d1992\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_b12d926c7f1ac114\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2014/08/19 09:18:01 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_b1ceee03982636a5\System.Runtime.Serialization.Formatters.Soap.Resources.dll
[2013/08/23 00:07:32 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_3f29419cb7a1caf0\serialui.dll.mui
[2013/08/22 13:13:54 | 000,017,920 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_e5c00198f2a1c32d\serialui.dll
[2014/08/19 09:22:04 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_4e32729c2675dfcf\System.RunTime.Serialization.Resources.dll
[2013/08/23 00:07:45 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_4e753a0a26438751\System.RunTime.Serialization.Resources.dll
[2014/08/19 09:22:05 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-wcfcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_4f1695a13f4efce2\System.RunTime.Serialization.Resources.dll
[2013/08/23 00:07:23 | 000,009,728 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_b574829120336a99\serial.sys.mui
[2013/08/22 13:40:08 | 000,083,456 | ---- | M] () -- \Windows\WinSxS\amd64_msports.inf_31bf3856ad364e35_6.3.9600.16384_none_e95610bc8c554aa7\serial.sys
[2014/09/16 08:25:41 | 000,003,691 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_1da5c476c59b0e5b\System.RunTime.Serialization.resources.dll
[2014/06/05 05:33:14 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.17238_cs-cz_1da069eec59ff302\System.RunTime.Serialization.resources.dll
[2014/09/16 08:25:42 | 000,003,304 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..alization.resources_b03f5f7f11d50a3a_4.0.9600.20720_cs-cz_06d276aedf4770c6\System.RunTime.Serialization.resources.dll
[2013/08/10 02:41:27 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_f73c7de0bb1de286\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/10 02:41:28 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..lization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_64635c6af076b012\System.Runtime.Serialization.Primitives.dll
[2013/08/23 00:07:46 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runti..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_65f374ee29342685\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:41:27 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288\System.Runtime.Serialization.Json.dll
[2013/08/10 02:41:28 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5\System.Runtime.Serialization.Xml.dll
[2014/09/16 08:25:44 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba\System.Runtime.Serialization.dll
[2014/07/24 05:20:21 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961\System.Runtime.Serialization.dll
[2014/09/16 08:25:46 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725\System.Runtime.Serialization.dll
[2013/08/10 02:42:08 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399\System.Xml.Serialization.dll
[2013/08/10 02:42:08 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c\System.Xml.XmlSerializer.dll
[2014/08/19 09:25:13 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_f057a9271ce694b1\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:50 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_f0517be51cec2cbf\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/19 09:25:13 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\amd64_netfx-system.runtim..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_d981a48b36959176\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/19 09:26:44 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7\System.Runtime.Serialization.dll
[2014/09/16 08:27:12 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5\System.Runtime.Serialization.dll
[2014/07/09 03:45:34 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707\System.Runtime.Serialization.dll
[2014/08/19 09:26:46 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c\System.Runtime.Serialization.dll
[2014/09/16 08:27:13 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242\System.Runtime.Serialization.dll
[2014/08/19 09:26:47 | 000,000,639 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060\System.Runtime.Serialization.dll
[2014/09/16 08:27:15 | 000,000,425 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e\System.Runtime.Serialization.dll
[2014/07/09 03:45:33 | 000,847,872 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0\System.Runtime.Serialization.dll
[2014/08/19 09:26:49 | 000,000,424 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25\System.Runtime.Serialization.dll
[2014/09/16 08:27:16 | 000,000,619 | ---- | M] () -- \Windows\WinSxS\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb\System.Runtime.Serialization.dll
[2013/08/23 00:05:56 | 000,000,276 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf-languagepack_31bf3856ad364e35_6.3.9600.16384_cs-cz_c3036df581d2c4e4.manifest
[2013/08/23 00:06:15 | 000,000,249 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf.resources_31bf3856ad364e35_6.3.9600.16384_en-us_35eaebe6834354eb.manifest
[2013/08/22 17:20:14 | 000,000,210 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_c_multiportserial.inf_31bf3856ad364e35_6.3.9600.16384_none_91b10a007e43beff.manifest
[2013/08/22 15:25:34 | 000,000,297 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..gertransport-serial_31bf3856ad364e35_6.3.9600.16384_none_0273ed2980a1f589.manifest
[2013/08/22 17:22:11 | 000,001,512 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-serial-classextension_31bf3856ad364e35_6.3.9600.16384_none_26d3123b2d2a9360.manifest
[2013/08/22 17:22:07 | 000,000,110 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft.windows.h..tserial-driverclass_31bf3856ad364e35_6.3.9600.16384_none_1d7b32f2da6cfe0c.manifest
[2013/08/22 17:24:27 | 000,000,402 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_031841e9b021a288.manifest
[2013/08/22 17:24:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_ea3019bcd508d7f5.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_afcfdcce0af8e4ba.manifest
[2014/09/11 18:50:40 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.17238_none_afca82460afdc961.manifest
[2014/09/11 18:50:40 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.runtime.serialization_b03f5f7f11d50a3a_4.0.9600.20720_none_98fc8f0624a54725.manifest
[2013/08/22 17:24:28 | 000,000,397 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.serialization_b03f5f7f11d50a3a_4.0.9600.16384_none_1f92ce7ac9b9f399.manifest
[2013/08/22 17:24:27 | 000,000,403 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_netfx4-system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_0b1c65bd7b1ef04c.manifest
[2013/08/22 17:24:13 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.16384_none_9fc99c9c7c4c05c7.manifest
[2014/08/14 19:43:10 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17226_none_9fc36f5a7c519dd5.manifest
[2014/09/11 18:54:30 | 000,000,404 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.17231_none_9fc4e18c7c503707.manifest
[2014/08/14 19:43:10 | 000,000,407 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20708_none_88f3980095fb028c.manifest
[2014/09/11 18:54:30 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization.ref_b03f5f7f11d50a3a_6.3.9600.20717_none_88f4af1295fa0242.manifest
[2013/08/22 17:24:13 | 000,000,416 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_daa0a966d0440060.manifest
[2014/08/14 19:43:10 | 000,000,413 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_da9a7c24d049986e.manifest
[2014/09/11 18:54:30 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_da9bee56d04831a0.manifest
[2014/08/14 19:43:10 | 000,000,415 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_c3caa4cae9f2fd25.manifest
[2014/09/11 18:54:30 | 000,000,414 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_c3cbbbdce9f1fcdb.manifest
[2013/08/22 17:24:29 | 000,000,418 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245.manifest
[2013/08/22 17:24:24 | 000,000,430 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d.manifest
[2013/08/22 17:24:13 | 000,000,400 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1.manifest
[2014/08/14 19:43:10 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff.manifest
[2014/09/11 18:54:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31.manifest
[2014/08/14 19:43:10 | 000,000,399 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6.manifest
[2014/09/11 18:54:29 | 000,000,401 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c.manifest
[2013/08/23 00:06:59 | 000,000,448 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144.manifest
[2014/09/11 18:50:40 | 000,000,449 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_cs-cz_257343c56d98d5eb.manifest
[2014/09/11 18:50:40 | 000,000,445 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_cs-cz_0ea55085874053af.manifest
[2013/08/23 00:06:57 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b.manifest
[2014/08/14 19:43:09 | 000,000,406 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619.manifest
[2014/09/11 18:54:29 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_cs-cz_7ad68a7f8b92df4b.manifest
[2014/08/14 19:43:09 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0.manifest
[2014/09/11 18:54:29 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_cs-cz_64065805a53caa86.manifest
[2013/08/22 17:24:24 | 000,000,419 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4.manifest
[2013/08/22 17:24:27 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d.manifest
[2014/09/11 18:50:40 | 000,000,471 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704.manifest
[2014/09/11 18:50:40 | 000,000,465 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8.manifest
[2013/08/22 17:24:13 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24.manifest
[2014/08/14 19:43:10 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732.manifest
[2014/09/11 18:54:29 | 000,000,422 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064.manifest
[2014/08/14 19:43:10 | 000,000,421 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9.manifest
[2014/09/11 18:54:29 | 000,000,423 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f.manifest
[2013/08/22 17:24:28 | 000,000,447 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202.manifest
[2013/08/22 17:24:24 | 000,000,420 | ---- | M] () -- \Windows\WinSxS\Manifests\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755.manifest
[2013/08/22 17:24:56 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966.manifest
[2014/08/14 19:43:10 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174.manifest
[2014/09/11 18:54:29 | 000,000,412 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6.manifest
[2014/08/14 19:43:10 | 000,000,408 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b.manifest
[2014/09/11 18:54:29 | 000,000,411 | ---- | M] () -- \Windows\WinSxS\Manifests\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1.manifest
[2013/08/10 02:55:16 | 000,142,104 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_4.0.9600.16384_none_0dbd81c1c9e100df\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/19 09:29:07 | 000,000,531 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.16384_none_63202903e7dbbda6\System.Runtime.Serialization.Formatters.Soap.dll
[2014/06/24 00:12:42 | 000,131,072 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.17226_none_6319fbc1e7e155b4\System.Runtime.Serialization.Formatters.Soap.dll
[2014/08/19 09:29:07 | 000,000,491 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ion.formatters.soap_b03f5f7f11d50a3a_6.3.9600.20708_none_4c4a2468018aba6b\System.Runtime.Serialization.Formatters.Soap.dll
[2013/08/23 00:07:47 | 000,027,920 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_4.0.9600.16384_cs-cz_c6e6982dc37909d8\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/19 09:29:08 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.16384_cs-cz_1c493f6fe173c69f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.17226_cs-cz_1c43122de1795ead\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/19 09:29:08 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.seri..ters.soap.resources_b03f5f7f11d50a3a_6.3.9600.20708_cs-cz_05733ad3fb22c364\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/10 02:55:16 | 000,029,392 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.json_b03f5f7f11d50a3a_4.0.9600.16384_none_61eedd30ec040245\System.Runtime.Serialization.Json.dll
[2013/08/10 02:55:16 | 000,029,432 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.primitives_b03f5f7f11d50a3a_4.0.9600.16384_none_dde82ee214ba2d3d\System.Runtime.Serialization.Primitives.dll
[2014/08/19 09:29:10 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.16384_none_ed2ffed67c428df1\System.Runtime.Serialization.dll
[2014/09/16 08:28:25 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17226_none_ed29d1947c4825ff\System.Runtime.Serialization.dll
[2014/07/09 03:45:07 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.17231_none_ed2b43c67c46bf31\System.Runtime.Serialization.dll
[2014/08/19 09:29:12 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20708_none_d659fa3a95f18ab6\System.Runtime.Serialization.dll
[2014/09/16 08:28:27 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.ref_b77a5c561934e089_6.3.9600.20717_none_d65b114c95f08a6c\System.Runtime.Serialization.dll
[2014/09/16 08:28:27 | 000,003,691 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.16384_cs-cz_25789e4d6d93f144\System.RunTime.Serialization.resources.dll
[2014/06/05 05:33:14 | 000,113,952 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.17238_cs-cz_257343c56d98d5eb\System.RunTime.Serialization.resources.dll
[2014/09/16 08:28:28 | 000,003,304 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_4.0.9600.20720_cs-cz_0ea55085874053af\System.RunTime.Serialization.resources.dll
[2014/08/19 09:29:12 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.16384_cs-cz_7adb458f8b8eae0b\System.RunTime.Serialization.Resources.dll
[2014/09/16 08:28:28 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17226_cs-cz_7ad5184d8b944619\System.RunTime.Serialization.Resources.dll
[2013/08/23 00:07:45 | 000,090,112 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.17231_cs-cz_7ad68a7f8b92df4b\System.RunTime.Serialization.Resources.dll
[2014/08/19 09:29:12 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20708_cs-cz_640540f3a53daad0\System.RunTime.Serialization.Resources.dll
[2014/09/16 08:28:29 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.resources_b77a5c561934e089_6.3.9600.20717_cs-cz_64065805a53caa86\System.RunTime.Serialization.Resources.dll
[2013/08/10 02:55:16 | 000,029,896 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization.xml_b03f5f7f11d50a3a_4.0.9600.16384_none_0d0d9cf22bac10f4\System.Runtime.Serialization.Xml.dll
[2014/09/16 08:28:31 | 000,018,929 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.16384_none_c8108d2e85eed25d\System.Runtime.Serialization.dll
[2014/07/24 05:20:32 | 001,059,536 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.17238_none_c80b32a685f3b704\System.Runtime.Serialization.dll
[2014/09/16 08:42:29 | 000,004,122 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_4.0.9600.20720_none_b13d3f669f9b34c8\System.Runtime.Serialization.dll
[2014/08/19 09:29:14 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.16384_none_1d733470a3e98f24\System.Runtime.Serialization.dll
[2014/09/16 08:42:31 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17226_none_1d6d072ea3ef2732\System.Runtime.Serialization.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.17231_none_1d6e7960a3edc064\System.Runtime.Serialization.dll
[2014/08/19 09:29:16 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20708_none_069d2fd4bd988be9\System.Runtime.Serialization.dll
[2014/09/16 08:42:32 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\msil_system.runtime.serialization_b77a5c561934e089_6.3.9600.20717_none_069e46e6bd978b9f\System.Runtime.Serialization.dll
[2013/08/10 02:55:49 | 000,045,720 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.serialization_b77a5c561934e089_4.0.9600.16384_none_5aaf0d34c0033202\System.Xml.Serialization.dll
[2013/08/10 02:55:49 | 000,029,848 | ---- | M] () -- \Windows\WinSxS\msil_system.xml.xmlserializer_b03f5f7f11d50a3a_4.0.9600.16384_none_3cc4c9f9340d8755\System.Xml.XmlSerializer.dll
[2014/08/19 09:39:58 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_54cc2f7ac6efa85c\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/17 02:06:37 | 000,011,776 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.17226_cs-cz_550ef6e8c6bd4fde\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2014/08/19 09:40:01 | 000,000,012 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-n..xcorecomp.resources_31bf3856ad364e35_6.3.9600.20708_cs-cz_55b0527fdfc8c56f\System.Runtime.Serialization.Formatters.Soap.resources.dll
[2013/08/23 00:07:32 | 000,005,120 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-u..em-config.resources_31bf3856ad364e35_6.3.9600.16384_cs-cz_e30aa618ff4459ba\serialui.dll.mui
[2013/08/22 05:48:16 | 000,015,872 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-unimodem-config_31bf3856ad364e35_6.3.9600.16384_none_89a166153a4451f7\serialui.dll
[2014/08/19 09:43:53 | 000,000,661 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.16384_none_224de03de4c02966\System.Runtime.Serialization.dll
[2014/09/16 09:04:46 | 000,000,436 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17226_none_2247b2fbe4c5c174\System.Runtime.Serialization.dll
[2014/07/09 03:45:06 | 000,970,752 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.17231_none_2249252de4c45aa6\System.Runtime.Serialization.dll
[2014/08/19 09:43:54 | 000,000,433 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20708_none_0b77dba1fe6f262b\System.Runtime.Serialization.dll
[2014/09/16 09:04:48 | 000,000,632 | ---- | M] () -- \Windows\WinSxS\x86_wcf-system.runtime.serialization_b03f5f7f11d50a3a_6.3.9600.20717_none_0b78f2b3fe6e25e1\System.Runtime.Serialization.dll

< *w7lxe* /s >

========== Alternate Data Streams ==========

@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

< End of report >

zdenek21 · #28 Příspěvek od **zdenek21** » 22 říj 2014 19:20

EXTRAS.txt

OTL Extras logfile created on: 22. 10. 2014 19:45:52 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17351)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

8,00 Gb Total Physical Memory | 6,62 Gb Available Physical Memory | 82,71% Memory free
16,00 Gb Paging File | 14,50 Gb Available in Paging File | 90,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,32 Gb Total Space | 706,06 Gb Free Space | 75,81% Space Free | Partition Type: NTFS

Computer Name: ZDENDA-OLINKA | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1716491184-2317231473-1448380392-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{045984A8-78AF-4264-B4CE-056CF68F4C6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{057CAAD3-71FB-4F6C-9520-8E19EEA868E9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0BBD696A-A9BB-4456-8CBD-14E41304A38C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0D5FE293-6ED5-4CA4-945D-A9E90B745CEF}" = rport=138 | protocol=17 | dir=out | app=system |
"{0F0B61F2-EAF8-44A0-806C-7966EF62A304}" = rport=139 | protocol=6 | dir=out | app=system |
"{1C06FC6C-030E-4624-9120-BE4B72082B2F}" = rport=2869 | protocol=6 | dir=out | app=system |
"{20B8AC4D-4DE4-4A01-9FE0-072B1E0777A0}" = rport=445 | protocol=6 | dir=out | app=system |
"{21ADE145-03F4-429D-BF1F-4F10C83E6441}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{31A5C8BA-4C6A-490A-B2AB-8812EF68639D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{340778FF-7838-4C32-BA30-C0E145D793DA}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{34ED0949-FFD2-4B9D-8FE4-EC841B7CDC3C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{426D9389-9267-40C2-8449-AE6505C384EC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4D009F20-0009-4AE7-8360-96926BCB5814}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D7053C0-11CB-4003-B2D2-EE8AC6891D1D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4DF2A6D3-9C3E-4625-935C-79D7968B0287}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{62F52B23-3E42-45D2-9AEB-2FD7B3C6DABF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{681168C9-BF68-4F76-8B71-71947EE8CA01}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{699F5AB6-C28C-40E9-ABEC-E46854ED0784}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6A7BDF2A-376E-4365-8497-28E9F93F4786}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{71CEC4AC-C220-44B6-9AFB-D5E45174F137}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{72EB3272-90D9-4B9E-B87E-ED0FA538DA77}" = rport=10243 | protocol=6 | dir=out | app=system |
"{75249C83-7AF5-426A-90CF-6496775D46FD}" = rport=137 | protocol=17 | dir=out | app=system |
"{76BECF96-812A-4A0F-B762-4C8D38DE014A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{81E0EA41-534A-4325-9320-BE1502F480D8}" = lport=137 | protocol=17 | dir=in | app=system |
"{83C0BD4B-AD04-441E-942A-892B5185BECF}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8F75305F-A7F6-4ABD-9219-EA12B5200391}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9114273E-B8CF-46F0-B4E3-E195C05B5A45}" = lport=2869 | protocol=6 | dir=in | app=system |
"{993D5056-7093-4ABC-96C7-0BEA6A42C0BE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9F6A683-AB38-4C01-AD95-8A22200127D1}" = lport=139 | protocol=6 | dir=in | app=system |
"{B57708DF-43F6-41BC-B2D4-5C98F14983BF}" = lport=445 | protocol=6 | dir=in | app=system |
"{B64B9747-1F80-49CA-9386-4CA01A8110DF}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D3913152-623E-4ED8-A41C-AFFF5A98D952}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D50F90C2-93E1-489E-8E95-69404FD46044}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D751245F-5A80-486F-A7DD-AC10DA348159}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{DAA206E8-D041-4ACF-BA1E-3C1F53B51D64}" = lport=138 | protocol=17 | dir=in | app=system |
"{ECCA488B-7590-4E56-8D29-2CE258392D1F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EE7876ED-8FF4-4827-8665-126CA641B567}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F5840A95-63C5-4B88-A821-2CB097007B06}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F80DE942-3633-47EC-829C-977D3CE65482}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09627438-DF25-4ABB-B24E-46985B0A0F5E}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{0BFE22F7-B287-43C4-AFE6-A7240D54CF2C}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{15B932E6-CB14-43F1-AC7D-1878BF07970F}" = dir=out | name=@{microsoft.bingweather_3.0.4.214_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{18AD7E30-5B0E-4D78-B01A-3424E6545EB7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{19EE762D-88EF-4445-BB33-8D37714C1F8F}" = protocol=17 | dir=in | app=c:\users\xxx\downloads\utorrent-64-bit [1].exe |
"{1C83D4FA-2A99-4C4C-981B-7202124A962B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1E79C31A-A509-4946-8516-4D66AF56A922}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1ED73ECE-F63C-4AFE-A39C-A5AFCD0BDDEC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{200C23A8-C074-4989-85EE-05CEA0B11E5E}" = protocol=6 | dir=out | app=system |
"{20BDF9D5-3EB9-4021-B69C-09FB317A718D}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{2511D0A3-43A5-4C7E-9FF6-F2BE25833EC5}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{2DE46E35-7EBE-4723-AE80-9D53541FDD83}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3696A11F-530F-4A31-9800-9271F26A4E6E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3EF22B59-AEDC-46B4-A21A-36547F01CAE0}" = dir=in | app=c:\program files (x86)\alawar.cs\dark strokes the legend of snow kingdom collectors edition\darkstrokesthelegendofthesnowkingdomce.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4620CECE-CADC-4680-A0DA-13FF581CF5D4}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4B026472-8C40-47C2-AB80-FE3C2EDFC02B}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{4E85BD06-9298-4218-BBD9-F9D350B89ACE}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5D367A54-4A84-4B8D-AFAD-8144B85DCC3C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E6F1EF7-B473-4673-A1FF-435FA71D78A7}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{67DFB117-4E1A-4048-A40F-AAA03E4BFA76}" = protocol=6 | dir=in | app=c:\users\xxx\downloads\utorrent-64-bit [1].exe |
"{6995C88B-0ECB-46A7-952B-CA8B1A14400B}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{6B88AD90-528F-4AF6-8301-A9735F9C5A59}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{6DC13B5C-BEA9-46DD-8BE3-524F481ABA8E}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{70C8A4D8-CFD7-476E-A88F-B53CC6147805}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{71874D5D-FF8E-4B0C-A8EC-47F39F6FAE6F}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"{72680ACC-B254-4165-85B7-1C0BE949624F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75FC4714-044A-4450-AA38-63B47FC5D9DC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7951A213-7D30-414E-835A-AAF3A3371BB9}" = protocol=17 | dir=in | svc=mpssvc | app=c:\program files (x86)\midway games\wheelman\binaries\wheelmangame-final.exe |
"{7D635FDA-0028-45BF-860A-51D18C8B5DB0}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero blu-ray player\blu-rayplayer.exe |
"{836521A4-81B7-4A25-957A-AD6498903442}" = dir=out | name=@{microsoft.zunevideo_2.6.344.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{888294A2-D28C-4D82-9B8E-BFA265C02785}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{9283475D-88AB-4451-BD95-394D66C0061D}" = dir=in | name=skype |
"{939A569D-9D82-4573-ACC9-1872A3B5C96A}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{9DC39ED4-E079-4122-B9B0-9B990A1D4728}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A6ED391E-9FF2-46BB-AF7D-4D535CEF6DB4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A7EBD1AB-8672-460D-875B-F688F174544E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AEBDA838-4F9F-4193-A030-9803C8831919}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{B0503AA0-7782-46C4-B9C3-14A96DCB9FEC}" = protocol=17 | dir=in | svc=mpssvc | app=c:\program files (x86)\flockers™\flockers.exe |
"{B5C8D6FC-7F6A-4FC5-A8B9-7210C61AEB13}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BED75F20-BAE7-4F61-A2E5-7ACD49718F2E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{C158A1ED-EB3F-4340-B33A-B2036143EC43}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C15F38C0-630D-49B9-B42E-C9C2459FBBB7}" = dir=out | name=windows_ie_ac_001 |
"{C94BEDB2-0FC1-49AD-BE81-CFDB7EC82B43}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CFCE0B4D-040F-4BDB-8296-F6FF01E7D521}" = protocol=17 | dir=in | svc=mpssvc | app=c:\program files (x86)\flockers™\flockers.exe |
"{D67E7193-6A55-4B18-A672-F315CCCBBC3E}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DFE08FEF-B77F-4339-9E38-0B77BA2200FB}" = dir=out | name=@{microsoft.zunemusic_2.6.343.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{E33AC7CF-5163-45BB-A8C5-B23024A6A862}" = dir=in | app=%systemroot%\system32\alg.exe |
"{E42C546B-195B-4545-825E-192D9264757B}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E6D69D16-285B-4F45-B76D-19BF19E87373}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{E969D640-C872-467A-AD4F-8578DD8AE3BE}" = dir=out | name=skype |
"{EB72073D-8405-42EF-8BE4-B5EB0CD9F7C0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{ED63AC9C-C4C4-40EA-8D74-E6208A734E80}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{F1161988-924C-4B0B-926A-EECA190F5CCE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F332B3BB-AC48-454D-934A-3E1354CFC299}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FBE2DB4C-8BA8-4449-B96D-4100096F77FB}" = dir=out | name=@{microsoft.bingsports_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"TCP Query User{0D38FB8D-15D9-49D1-BF66-37403EBB7908}C:\program files (x86)\assetto corsa\acs.exe" = protocol=6 | dir=in | app=c:\program files (x86)\assetto corsa\acs.exe |
"TCP Query User{53C022DE-8E6F-4DAB-A777-4797596804C4}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{849424B4-52C9-41B7-AC36-E9D2540E222B}C:\users\xxx\downloads\ekura(1)\ekura\game.exe" = protocol=6 | dir=in | app=c:\users\xxx\downloads\ekura(1)\ekura\game.exe |
"TCP Query User{D39D49AA-48EA-418A-BDA4-5B59996A74F6}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{4491841F-3145-483A-A4E7-B7D274047DCE}C:\users\xxx\downloads\ekura(1)\ekura\game.exe" = protocol=17 | dir=in | app=c:\users\xxx\downloads\ekura(1)\ekura\game.exe |
"UDP Query User{8E1E6ED5-1738-4FED-9E10-A5F46A7EB2B0}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{B5308DD9-8718-4803-A634-FAFE95B2769E}C:\program files (x86)\assetto corsa\acs.exe" = protocol=17 | dir=in | app=c:\program files (x86)\assetto corsa\acs.exe |
"UDP Query User{C25CE745-9C4F-454A-89A6-93C96CBB8302}C:\users\xxx\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{149FBD36-6E9E-2035-42B0-59D91714138D}" = AMD Fuel
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5B09B029-2003-68CB-4918-D36567A244BC}" = ACP Application
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6119B3A6-3603-9695-0398-CDF2AF0A13F8}" = AMD Catalyst Install Manager
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ABD878B8-E7E3-2BC4-5A95-478133DCFFC3}" = AMD Accelerated Video Transcoding
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D3485211-6ACA-8BC3-1AAB-29FC5552C454}" = ccc-utility64
"{E7ACB435-E0B4-4770-77DE-ED38887CD133}" = AMD Fuel
"CCleaner" = CCleaner
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"UnityWebPlayer" = Unity Web Player (x64) (All users)
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.11 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031F80EB-1FE5-45EF-9DE2-E2F5AF01259F}" = CCC Help Spanish
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{070232F8-068B-1FF6-B5C4-F8F38E09C7E1}" = CCC Help Turkish
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B15A8C3-3B8A-F229-A880-82EA62908425}" = CCC Help Dutch
"{104DE091-6C4F-C5A9-F619-5D6C965A0296}" = CCC Help Chinese Traditional
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A6752E1-966B-9D1F-F6B7-DDBCA6FC87ED}" = CCC Help Russian
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2058DA53-D5F2-D8D9-7325-39B0E367D1E1}" = CCC Help Swedish
"{2090B6D0-E025-5A67-9838-8F1D5768E643}" = CCC Help Chinese Standard
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F03217067FF}" = Java 7 Update 67
"{285C9F30-3BF8-697B-BD1D-353435E94B78}" = CCC Help Hungarian
"{29967A7C-6E18-91CD-BBE4-9C09F401E950}" = CCC Help Italian
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2AD4FF67-43E9-77AD-D90C-584F950E2D12}" = CCC Help French
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{3A577334-7C90-55BC-1878-F5862FA268B2}" = CCC Help Korean
"{3BF289E3-933B-F421-3B59-F6BB0D285B09}" = CCC Help Hungarian
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3CB6BA0C-6BC5-E543-221A-AA4DEBB6F4B5}" = CCC Help Polish
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{430E2D32-6EA9-E6E4-80A1-84047694A45B}" = CCC Help Czech
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6A8D33-09CD-FD44-4BF0-999E8A6E93C8}" = CCC Help Italian
"{511B5F54-CB1D-4F5B-BE0E-09B1D86BE586}" = Nero Video
"{54D05374-2428-7BE0-58CD-CE8031163DE6}" = CCC Help Russian
"{5909A89E-C97F-407C-AE2B-47BDED86BF5D}" = Prerequisite installer
"{5C6AFE98-08BF-086A-300D-18F77D284966}" = CCC Help Swedish
"{5C757800-27E8-2AE3-889A-8B959AE689F8}" = CCC Help Japanese
"{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4}" = AMD Catalyst Control Center
"{5D3EC645-B957-36A1-068A-FE8450963669}" = CCC Help Spanish
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61B90A4D-8CC9-2FED-2495-AC8C9467C984}" = CCC Help Norwegian
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6EBDE2A2-0CFB-9134-A859-68A0002B3FA6}" = CCC Help Thai
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{769E98DC-2BB0-83A7-51C9-306F30232345}" = Catalyst Control Center Graphics Previews Common
"{7C5B13DA-6A68-86C7-ED29-610CA0F49555}" = CCC Help French
"{80680785-2EE1-053F-9CD3-4B2C904596EE}" = Catalyst Control Center InstallProxy
"{8181B50E-0E33-DE07-AAB2-E71BBBDBF288}" = CCC Help Portuguese
"{8A640069-9784-701E-AC8E-84F62C42D1A3}" = CCC Help English
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93098E43-2743-1551-447F-2699E9591E9C}" = CCC Help Danish
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{95B8F519-8C35-9010-A63C-51B3E0EE8D4E}" = CCC Help Dutch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A3703A3B-FDCF-4349-4B2E-A189A2B90B51}" = CCC Help Chinese Traditional
"{A3806AB7-AB46-7672-A825-F9AE0DE6910A}" = CCC Help Finnish
"{A619A488-A4BA-F2A0-72FA-4C484B93DC0F}" = CCC Help Greek
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.09) - Czech
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{B079957C-3276-4B9F-DB08-D1CA8C090D9E}" = CCC Help Greek
"{B12BE177-DC00-5746-3AB9-91CD090AF555}" = Catalyst Control Center Localization All
"{B166374C-105E-445E-8E5D-A86CA5742645}" = Nero Burning Core
"{B791E0AB-87A9-41A4-8D98-D13C2E37D928}" = Nero Info
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BF5509A0-250A-25EA-0C19-61505E9EBA13}" = CCC Help Chinese Standard
"{C4799AAA-CE52-D2F1-63C8-E6D5106C78E0}" = CCC Help Norwegian
"{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C}" = CCC Help Thai
"{C6182116-5F2D-9949-B42B-06073E86A98A}" = CCC Help German
"{C69EA753-0D3F-E48B-8C98-7F6310DC29B8}" = CCC Help German
"{CC6C7F05-AF23-65BD-702D-705EAB723578}" = CCC Help Japanese
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}" = Nero Launcher
"{D5B7F1A3-2CA6-4C5C-EFB6-4AA5772F5310}" = CCC Help Turkish
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DBA6B3EF-A8C0-4EB2-9554-3A7879838580}" = Catalyst Control Center Localization All
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{EB766D4A-C56C-946D-F74D-43C78FE4521E}" = CCC Help Korean
"{ED0D7699-1943-0C29-7465-6530F8DE2DA2}" = CCC Help Polish
"{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}" = Nero Express
"{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B}" = CCC Help Czech
"{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6}" = CCC Help Danish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}" = Nero Burning ROM
"{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}" = Nero 2014
"{F4A6308C-55E6-57DF-95BB-AEEF374B469A}" = CCC Help Finnish
"{F543B0F9-D1F9-25D1-993C-8430BEC9D889}" = Catalyst Control Center InstallProxy
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C}" = CCC Help Portuguese
"{FDF2FE33-426D-45C2-4E70-76C162F1B790}" = CCC Help English
"Mozilla Firefox 33.0 (x86 cs)" = Mozilla Firefox 33.0 (x86 cs)
"RjEyMDE0_is1" = F1 2014
"The Evil Within_is1" = The Evil Within
"uTorrent" = µTorrent
"Winamp" = Winamp
"WUCCCApp" = AMD VISION Engine Control Center

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1716491184-2317231473-1448380392-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dark Strokes: The Legend of Snow Kingdom. Collector's Edition" = Dark Strokes: The Legend of Snow Kingdom. Collector's Edition
"UnityWebPlayer" = Unity Web Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 22. 10. 2014 12:09:02 | Computer Name = zdenda-olinka | Source = Application Error | ID = 1000
Description = Název chybující aplikace: plugin-container.exe, verze: 33.0.0.5397,
časové razítko: 0x543924b1 Název chybujícího modulu: webplayer_win.dll, verze: 4.5.5.37569,
časové razítko: 0x5434f4d0 Kód výjimky: 0xc0000005 Posun chyby: 0x003c6a80 ID chybujícího
procesu: 0x814 Čas spuštění chybující aplikace: 0x01cfee1240b77d73 Cesta k chybující
aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Cesta k chybujícímu
modulu: C:\Users\xxx\AppData\LocalLow\Unity\WebPlayer\player\Release3.x.x\webplayer_win.dll
ID
zprávy: bcb930a1-5a05-11e4-82b5-448a5b8e5a95 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 22. 10. 2014 12:49:04 | Computer Name = zdenda-olinka | Source = Application Error | ID = 1000
Description = Název chybující aplikace: plugin-container.exe, verze: 33.0.0.5397,
časové razítko: 0x543924b1 Název chybujícího modulu: webplayer_win.dll_unloaded,
verze: 4.5.5.37569, časové razítko: 0x5434f4d0 Kód výjimky: 0xc00001a5 Posun chyby:
0x004afaa8 ID chybujícího procesu: 0x8e4 Čas spuštění chybující aplikace: 0x01cfee18151ef9b3
Cesta
k chybující aplikaci: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Cesta
k chybujícímu modulu: webplayer_win.dll ID zprávy: 5421f2ad-5a0b-11e4-82b5-448a5b8e5a95
Úplný
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

[ System Events ]
Error - 21. 10. 2014 14:44:01 | Computer Name = zdenda-olinka | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 21. 10. 2014 14:44:02 | Computer Name = zdenda-olinka | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 21. 10. 2014 14:44:02 | Computer Name = zdenda-olinka | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 21. 10. 2014 14:44:02 | Computer Name = zdenda-olinka | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 22. 10. 2014 1:17:16 | Computer Name = zdenda-olinka | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 22. 10. 2014 1:17:34 | Computer Name = zdenda-olinka | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 22. 10. 2014 3:37:43 | Computer Name = zdenda-olinka | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (9:12:32, ?22. ?10. ?2014) bylo neočekávané.

Error - 22. 10. 2014 3:44:29 | Computer Name = zdenda-olinka | Source = BugCheck | ID = 1001
Description =

Error - 22. 10. 2014 3:55:54 | Computer Name = zdenda-olinka | Source = DCOM | ID = 10010
Description =

Error - 22. 10. 2014 3:56:24 | Computer Name = zdenda-olinka | Source = DCOM | ID = 10010
Description =

< End of report >

zdenek21 · #29 Příspěvek od **zdenek21** » 22 říj 2014 19:21

Omlouvám se dříve jsem to nestihnul

#30 Příspěvek od **Márty84** » 22 říj 2014 20:04

V pohode, vzdyt o nic nejde

Taky mam i jine veci na praci nez sedet u pc. Proste az to vyjde, tak to vyjde

Napiste mi velikost adresare plochy (C:\Users\xxx\Desktop)

Vypnete antivir, at nebrani programu v praci.

Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
MBAMSwissArmy
fgjw
esgiguard
AdobeARMservice

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\ProgramData\Malwarebytes
C:\Windows\system32\drivers\ubaax.sys
C:\Windows\zoek-delete.exe
C:\zoek_backup
C:\ProgramData\IObit
C:\ProgramData\AVG
C:\Program Files (x86)\Enigma Software Group\SpyHunter

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1716491184-2317231473-1448380392-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\.DEFAULT..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun File not found
O4 - HKU\S-1-5-18..\Run: [AviraSpeedup] "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[2014/10/21 09:46:45 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\AviraSpeedup
[2014/10/21 09:23:24 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\AviraResume
[2014/10/21 20:35:12 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2014/10/21 20:22:33 | 001,290,752 | ---- | M] () -- C:\Users\xxx\Desktop\zoek.exe
[2014/10/21 08:51:29 | 000,096,815 | ---- | M] () -- C:\spyhunter.fix
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[1 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[17 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Panther\*.tmp files -> C:\Windows\Panther\*.tmp -> ]
@Alternate Data Stream - 6144 bytes -> C:\Windows\Cursors\arrow_n.cur:NEDTA.DAT

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"CCleaner Monitoring"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe ARM"=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

VIRY.CZ

Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní

Re: Zpomalený internet cca 14 dní